nep157

Q: is it possible to have a remote user on your iphone if you never set on up?

My Iphone over the last couple of months has been acting very weird- I can not turn it off, my battery dies in 2 hours, it switches screens on me in the middle of me doing something.

 

i have both "user processes and root user processes running all of the time

 

i have never set up a root user

 

I live with my boyfriend who has a mac - ipad and iphone- we use the same wireless network

He has vuze and bit torrent which both i cant seen to run properly as the way they are safed or locked i can not access the files - he also has vmware fusion- again i am unable to run it -

 

I was told by a friend to turn on my data and watch it to see which programs or applications that I have could be possibly malfunctioning- since then I have notices in my data the following:

 

there are ports on my connections  which i have looked up and are all associated with hacking - 5353-5433-6401-5223--80- so many more I cant bare to look through all the data I have saved- I am not technology savy - the whole process of trying to figure out if this is true or even possible is emotionally and mentally draining-

 

in my data there are key logs some short some long- some private some public?

 

key logs

which have information such as -

encodin=UTF-8"?><DOCTYPEplist PUBLIC"-aplle//dtdplist 1.0//EN

 

key com.apple OTAcrashcopier.successfulSubmissionTime<\key>

array

after multiple list with temperature 1 through 8- which each have a list

<real>a number<real>

 

it says key com.apple.springboard.thermallevels key array

 

<key> adlogcreation date</key>

 

<key>metadata</key>

<dict>

 

<key>ADuserIntefaceLanguage<key/>

 

<string> en </string>

<key> adusersetregionformat<key/>

<stiring> US </string>

<dict/>

then a list of

<Key>ad scalars<key/>

<dict>

<key/> appActivationCount.com.apple.ApStore<key>

integer 1 interger

and it then does that for each one of my applications including

count maps

mobilesms

preference

mobilemail

mobilephone

mobilesafari

key appbackgroundactive time

integer 0 interger

and goes through a list of keys associated with again each of my apps

 

and so on and so on

 

another key log-

7deviceid- a bunch of letters and numbers

then

isAnonymous:True

deviceConfigID:152

trigertime: numbers

trigger ID-655363

profileld:152998

investigation ID: 0

location udatesession

timestamp:numbers

timestampend:numbers

 

desired accuracy:-1

cellavilable:true

wifiavailable:true

passcodeLocked:false

airplanemode: false

ttff:0

ttffGPS:0

accessoryused:false

reachability: 1

power : true

 

there are bunch of key logs all different

 

system data logs with the following

JS:its.sf6.Bootstrap.init:initialize

JS:its.defer.bootstrap._renderpage component render complete

 

I have in data reports and connection the words :

 

local remote peer 

Hash

 

 

my external IP changes constantly even at home -

 

ROOT usr- (never mad one)

keybagd running on my root user processes- PID 1455 PPID 1 priority : 17

sandboxd- PID 1452 PPID 1

filecoordination - PID 103 PPID 1

networkd?privile PID 72 PPID 1

Syslogd PID 18 PPID 1

usereventagent PID 13 PPID 1

kernal_task PID 0 PPID )
launchd PID 1 PPID 0

plenty more

 

in routing tables internet (10)

destination :127   gateway:127.0.0.1

 

destination:192.168.1.1  gateway:0:18:39:7c:46:d9

 

destination:default

gateway - 192.186.1.1

 

gateway pdp_ip0

 

 

 

internet(6) which will have about 150 destinations and gateways listed at once sometimes -

 

destinations can be fe80::f2dc:e2ff:fe20:e5e7%en0 flag- UHLWLi gateway f0:dc_e2:20:e5:e7 (these are always changing ) sometimes they say link7  sometimes fe80::1%Io0 or     98:d6:bb:751a:f3     or   b8:17:c2:28:d6:90   or 4c:b1:99e8:26:21  linl#1    0:26:8:a2:8:2f    c:77:1a:a5:4:2f    6c:c2:6d:b0:21:c2

 

 

connections on my phone: I have the following categories-

in each one the number of connections constantly changes - tcp4 running the most -

udp6 and udp4 mostly look as typed below but occastionally if i check at the right time - there are multiple- and rarly have the remote port

icmp66 - even more rare that i catch that

never port numbers

 

These change even while i have close all apps- and am doing absolutely nothing with my phone

 

tcp4

 

remote user 17.172.232.133.442

remote user 173.194.74.121:80 -

 

remote user- 17.172.232.166 : 5225

 

udp4- local not list - *;*

remote *:*

hostname: n/a

 

local: *:5353

remote: *:*

hostname: N/A

 

udp6

local *:5353

remote *:*

hostname- N/A

 

local: *:55543

remote:*:0

 

 

icmp66 local *:0 and remote *:0

with hostname N/A

 

data logs -

localpeer ID: mobile. 1FDC29D7-2B67-5231-9375-3BDC30E405F, store name:userdictionary, modelversionhash: SAIQVUhF7208e6_gvZx_zdKx1UAzKGem3HO2pLKjgY=ubiquityrootlocation: pfubiquitylocation: 0x1ed87c50 mobile documents/com-apple[textinput/dictionaries

 

springboard

bbbehavioroverride :transition date should be after provided date

 

searrchd

indexed all records

 

searchd

finished getting all applications 

 

 

 

 

 

remote hostenames from akamaitechonlogies

so much more crap but im not sure what would be more useful to get my answer- i know some of this suff is totally normal from all the research i did but i also found a lot which i am very uncomfortable- i have updated my phone and everything - it continues

iPhone 4S, iOS 6

Posted on Sep 28, 2012 5:10 PM

Close

Q: is it possible to have a remote user on your iphone if you never set on up?

  • All replies
  • Helpful answers

first Previous Page 3 of 3
  • by alteric,

    alteric alteric Sep 15, 2015 3:47 AM in response to 19Split47
    Level 1 (0 points)
    Sep 15, 2015 3:47 AM in response to 19Split47

    19Split47 has the right idea for a good starting point especially if someone had physical access to your device. If your decide has Cydia or appears to be jail broken, it's safe to assume you are 100% compromised. See also Cellebrite https://en.m.wikipedia.org/wiki/Cellebrite and Fin Fisher for NSA/FBI grade surveillance tools. But that's not all- apple itself provides a few very worrisome back doors to your IDevices as well!  Research iOS port 62078 & com.apple.pcapd or simply read this article http://m.theregister.co.uk/2014/07/21/ios_firmware_contains_packet_sniffer_and_h ost_of_secret_spying_tools/ if you really want to start losing more sleep at night.


    In addition, bad guys can get in by hacking your home network router if it hasn't been properly secured (by changing the default login to the generic router setup page or not using Wpa2 eas wifi security protocols, etc  (see http://hackersdontwin.com/?cat=139). Ditto if your laptop, desktop, printer or really ANY ELECTRONIC DEVICE that is not properly secured or that contains a security hole or weakness (and there is not a device in the world that DOESN'T), your entire network and everything attached to it can be accessed. That is the reality of the connected world we live in. Even newer cars these days are coming with factory installed internet access, and yes they can and already have been hacked fairly easily and remotely (without ever being anywhere near the vehicle in the physical sense of the word). Personally, I have tried to learn to accept these realities as circumstances which are far beyond my ability to control them for the most part. So I take reasonable precautions to try to mitigate the risks, but I don't obsess over it nearly as much anymore because it is a losing proposition and a sanity and life-sucker if you allow it to be!!!


    But having said all of that, here are a few links for those of you who may prefer to press on in a quest for a better understanding of the situation at hand:


    Demystifying iOS Crash Logs- http://www.raywenderlich.com/23704/demystifying-ios-application-crash-logs

    iOS Developer Library- https://developer.apple.com/library/ios/navigation/index.html?filter=bonjour

    Acronym Definitions- http://www.rfc-editor.org/rfc-style-guide/abbrev.expansion.txt


    I wish you to best of luck but remember, the best way to beat these people at their own game is to live a happy and fulfilling life DESPITE their ridiculously invasive attacks and actions!

  • by Rebkawhy,

    Rebkawhy Rebkawhy Aug 30, 2016 8:33 PM in response to nep157
    Level 1 (4 points)
    Aug 30, 2016 8:33 PM in response to nep157

    I too have been having the same problems. I have come to find out that my phone is being monitored and my data undergoing "lawful intercept" and everything I do is being routed through the department of defense network information center in Columbus Ohio

  • by Meg St._Clair,

    Meg St._Clair Meg St._Clair Aug 31, 2016 6:02 AM in response to Rebkawhy
    Level 9 (58,419 points)
    iPhone
    Aug 31, 2016 6:02 AM in response to Rebkawhy

    Rebkawhy wrote:

     

    I too have been having the same problems. I have come to find out that my phone is being monitored and my data undergoing "lawful intercept" and everything I do is being routed through the department of defense network information center in Columbus Ohio

    Your issue is well beyond the scope of what anyone in this forum can do to assist you. Consult an attorney.

  • by Rebkawhy,

    Rebkawhy Rebkawhy Aug 31, 2016 9:26 AM in response to Meg St._Clair
    Level 1 (4 points)
    Aug 31, 2016 9:26 AM in response to Meg St._Clair

    Thanks for the response! Any suggestions as to who might be able to help me? I reached out to the ALCU, this was their response:

    Dear Ms. xxxxxxxx

     

    Unfortunately, the ACLU Foundation of Kansas will be unable to assist you with this matter.  We are a private, non-profit organization with limited staff and other resources;  therefore, we must be very selective in the cases we pursue.  We do not have anyone on staff with the expertise to handle cases involving allegedly covert electronic surveillance; therefore, your case does not meet our selection criteria at this time.

    We wish you the best in reaching a satisfactory resolution of your concerns.

    Legal Department

    American Civil Liberties Union Foundation of Kansas

  • by ChrisJ4203,

    ChrisJ4203 ChrisJ4203 Aug 31, 2016 9:33 AM in response to Rebkawhy
    Level 9 (57,215 points)
    iPhone
    Aug 31, 2016 9:33 AM in response to Rebkawhy

    Where are you learning that this is a "lawful intercept"? You could always check with the US Attorney's office for your district, and see if they can answer. A lawful intercept requires a judges order, so there has to have been one in that area if this is actually a truthful statement that it is a lawful intercept. Again, I would be curious as to where you learned this information.

  • by Meg St._Clair,

    Meg St._Clair Meg St._Clair Aug 31, 2016 10:53 AM in response to Rebkawhy
    Level 9 (58,419 points)
    iPhone
    Aug 31, 2016 10:53 AM in response to Rebkawhy

    Rebkawhy wrote:

     

    Thanks for the response! Any suggestions as to who might be able to help me?

    Go to the yellow pages under Attorney. Or, your local legal aid. Or your family attorney.

  • by Rebkawhy,

    Rebkawhy Rebkawhy Aug 31, 2016 6:34 PM in response to ChrisJ4203
    Level 1 (4 points)
    Aug 31, 2016 6:34 PM in response to ChrisJ4203

    A number of things clued me in to the probability of Lawful Intercept interfering with my device:

    *The most telling incident happened an hour or so after I updated to 9.3.5. Somehow the name under settings>general>about changed from "Rebecca's iPhone" to "TOP Station 2's iPhone"

    *'Pegasus' is on my device. Pegasus is sold to law enforcement agencies and the like. Not the public.

    * They accidentally sent to my voicemail a recorded conversation between myself and two other people.

    *  all of my accounts have been hacked, yet none of my money has been stolen or used.

    * and one other thing that happened at 3 am today -  something that I don't care to disclose - confirmed it.

    * IP addresses in my diagnostics logs trace back to the DoD network information center in Columbus OH.

    * Entries in my diagnostics include: 'gas-gauge meter' (iodb2 device), fingerprint storage and enrollment info, cellular LacTac Change logs, FUD state entries, RATs, bird, Pegasus...

    I can keep going with the list of symptoms and manifestations for quite a while, but off the top of my head those are the ones that relate to surviellance and L.I.

  • by ChrisJ4203,

    ChrisJ4203 ChrisJ4203 Aug 31, 2016 6:39 PM in response to Rebkawhy
    Level 9 (57,215 points)
    iPhone
    Aug 31, 2016 6:39 PM in response to Rebkawhy

    Then like Meg, I suggest you contact an attorney, if you do not wish to contact the US Attorney as I indicated before. But this is not something for the public forum.

first Previous Page 3 of 3