Apple explains iOS diagnostic capabilities in response to backdoor access allegations
July 23, 2014
Apple has described several diagnostic capabilities offered in iOS in response to the backdoor access claims published over the weekend by Jonathan Zdziarski, a forensic scientist and iOS security expert.
Apple had already denied the claims in a statement, saying that it has "designed iOS so that its diagnostic functions do not compromise user privacy and security, but still provides needed information to enterprise IT departments, developers and Apple for troubleshooting technical issues." The iOS device maker added that a user must explicitly agree to share this information before diagnostic data from a device can be accessed.
Now, Apple has seen fit to publish a support document on its website (via MacRumors) outlining the three iOS diagnostic capabilities pointed out by Zdziarski:
1. com.apple.mobile.pcapd
pcapd supports diagnostic packet capture from an iOS device to a trusted computer. This is useful for troubleshooting and diagnosing issues with apps on the device as well as enterprise VPN connections. You can find more information at developer.apple.com/library/ios/qa/qa1176.

2. com.apple.mobile.file_relay
file_relay supports limited copying of diagnostic data from a device. This service is separate from user-generated backups, does not have access to all data on the device, and respects iOS Data Protection. Apple engineering uses file_relay on internal devices to qualify customer configurations. AppleCare, with user consent, can also use this tool to gather relevant diagnostic data from users' devices.

3. com.apple.mobile.house_arrest
house_arrest is used by iTunes to transfer documents to and from an iOS device for apps that support this functionality. This is also used by Xcode to assist in the transfer of test data to a device while an app is in development.

On the support page, Apple reiterates that access to these diagnostic capabilities requires an unlocked iOS device and a trusted computer. It also notes that any transferred data is encrypted with keys not shared with the company.