Skip to content

Instantly share code, notes, and snippets.

Dino Dai Zovi ddz

Block or report user

Report or block ddz

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@ddz
ddz / ios_lockdown_diag_services.md
Last active Oct 30, 2019
iOS Lockdown Diagnostic Services
View ios_lockdown_diag_services.md

TL;DR

  • Pairing an iOS device to a host (computer running iTunes) gives that host significant access to data on the iOS device and requires connecting the unlocked iOS device to a host over USB
  • Once paired, that host (or another host that has stolen its pairing record) can access significant amounts of user personal data from the iOS device over USB and Wi-Fi through the com.apple.mobile.file_relay and com.apple.mobile.house_arrest lockdown services
  • These services will not return user data files that are encrypted and locked by iOS Data Protection but the files returned by file_relay are not protected by iOS Data Protection and do include significant amounts of personal user data that would otherwise be encrypted in iTunes encrypted backups ("Encrypt Backup" is enabled)
  • The com.apple.mobile.file_relay service is not used or referenced by any public Apple software so its intended client software is unknown outside of Apple
  • Apple released a [Knowledge Base article](https://support.apple.co
You can’t perform that action at this time.