During his talk at HOPE/X Jonathan Zdziarski detailed several undocumented services (with names like 'lockdownd,' 'pcapd,' 'mobile.file_relay,' and 'house_arrest') that run in the background on over 600 million iOS devices.
Zdziarski's questions for Apple include:Why is there a packet sniffer running on 600 million personal iOS devices instead of moved to the developer mount?Why are there undocumented services that bypass user backup encryption that dump mass amounts of personal data from the phone?Why is most of my user data still not encrypted with the PIN or passphrase, enabling the invasion of my personal privacy by YOU?Why is there still no mechanism to review the devices my iPhone is paired with, so I can delete ones that don’t belong?
... and his last slide (page 57 of the PDF) sums it up nicely:
Apple is dishing out a lot of data behind our backsIt’s a violation of the customer’s trust and privacy to bypass backup encryptionThere is no valid excuse to leak personal data or allow packet sniffing without the user’s knowledge and permission.Much of this data simply should never come off the phone, even during a backup.Apple has added many conveniences for enterprises that make tasty attack points for .gov and criminalsOverall, the otherwise great security of iOS has been compromised… by Apple… by design.
Via Gust MEES