that IphoneThe ability to back up itself over Wi-Fi to a computer running iTunes has a glaring security flaw, which means that anyone with access to that computer could easily access a wide range of personal data.
According to the new ideas (Opens in a new tab) from privacy tool Certo provider, Apple fails to keep its devices secure by failing to keep users aware that its long-term backup feature, iTunes WiFi sync, is even enabled.
This is an issue when part of the hack involves accessing the victim’s iPhone and setting up the backup on any computer, after which the data can be read by desktop and mobile apps, and compiled into intuitive reports for perusal.
The role of iTunes WiFi Sync in espionage
As Certo points out, iTunes WiFi syncing is just one example of how it can be done Parental control apps Domestic abusers can take advantage of them to assert control over many aspects of their lives.
The company points out that misuse of technology is common across many providers of “internet of things” products, such as Alexa-enabled Amazon devices, Google Maps, and electric cars.
iPhone users who have good reason to believe that they might be hacked in this way, have not, until now, been able to easily detect if the feature is enabled. Strangely enough, Apple has disabled the option to check if the feature is enabled in the iPhone Settings menu since the release of iOS 13.
Right now, the only indication that the iPhone is “WiFi syncing” is a small rotating circle of arrows at the top right of the interface when the backup is in progress.
This reminds us of the existence of the AirTag device, designed to track belongings but also Stalkers use it to track people downFor a while, users were only notified of the presence of an AirTag in the vicinity of their iPhone with a single notification that read “Accessory Detected.”
Apple is taking longer to fill in this particular security hole, and although Certo has recommended that Apple bring back the WiFi Sync option in the Settings app, in addition to actually letting users disable the feature directly from their device, it has yet to receive a response from the tech giant.
In the meantime , Certo released a tool (Opens in a new tab) For desktop computers that allows users to check if the feature is active, as well as disable it.