I know most of these questions do not get resolved but I have some analytics data from when I ran a sysdiagnos. I believe from the little I comprehend that it does show something is wrong.
things like rtbuddyv2, IOSkywalkNetworkBSDClient, and others that when I look into are all red flags.
I believe it was my spouse and I just need to know with some
more certainty if I’m even correct in thinking. Can anyone provide any kind of guidance?
What’s your goal here?
Learning more about iOS?
Neither of the cited strings are an indication of issues.
Without specific targets, searching logs gets tedious.
While malware does exist for iPhone, its usage so far has been very rare and very targeted. That malware is very expensive, too. If you believe you are a target, what symptoms or issues have you encountered, and what have you already done to reset and/or better secure your environment? And if you are a target, you’ll really want a better source of technical and security information than will be available from folks like me.
Renewma1 wrote:
My goal is to verify a gut feeling I’ve had for a long time. I believe he had used a hak5 malicious cable previously to harass me, but could never prove it.
I guess I’m desperate for some validation and answers.
Again, what have you done to better secure your environment?
Any “gut feeling” and the possibility of O.MG cable involvement aside, if you don’t have—for instance—two-factor authentication enabled… there are areas of your security which can be hardened against exploits, spearphishing, and such.
If you suspect compromise, perform a factory reset, don’t restore your potentially-compromised backups, and make efforts to better lock down your environment including password changes including passw-rd-reset path passwords, enabling two-factor, verifying that all trusted devices are recognized, verifying trusted numbers are recognized, reviewing all that is connected to your newly-re-passworded Wi-Fi network is as expected, among other steps.
Exploits persistent past a factory reset are very rare.
Or, sure, you can look for an unknown number of unknown needles in an unknown number of unknown haystacks, or as we more commonly call that effort, “reading analytics logs”. Search which may or may not find compromises. Best to address the easier paths to causing persistent issues—easier paths to compromise or re-compromise—first. Before wading into the infinite haystacks.
Start here: https://help.apple.com/pdf/personal-safety/en_US/personal-safety-user-guide.pdf
Renewma1 wrote:
Thanks for refocusing my efforts back on the endgame. I have done those things mentioned above, more than I would like to admit. Unfortunately I’m still in an environment where I’m questioning the physical security of the device. It’s been a long road of dealing with this but I have a better understanding now. Thank you.
You’re seemingly also nearing civil or criminal discussions, as such cases are seldom resolved through technical means, and as these cases variously also involve local legal advice. Particularly if this has been ongoing. Particularly if you have found yourself unexpectedly in possession of an O.MG cable, too.
If you think that has happened just restore the phone to factory settings and set it up as a new phone.
My goal is to verify a gut feeling I’ve had for a long time. I believe he had used a hak5 malicious cable previously to harass me, but could never prove it.
I guess I’m desperate for some validation and answers.
Thanks for refocusing my efforts back on the endgame. I have done those things mentioned above, more than I would like to admit. Unfortunately I’m still in an environment where I’m questioning the physical security of the device. It’s been a long road of dealing with this but I have a better understanding now. Thank you.
LD150, Thank you for all your efforts posting here to help people with your many years of experience, you’ve been nothing but helpful from the get-go. I hope it brings you joy ✌️
[Edited by Moderator]
Best not to run sysdiagnose if you don't understand the output. Nobody here does.
I agree, I guess I’m asking the wrong forum. Any suggestions on where to go for this?
No one ever reads the output of a sysdiagnose. Even Apple engineers don’t. They submit it to an AI app that analyzes it and reports any discrepancies.
"....I agree, I guess I’m asking the wrong forum. Any suggestions on where to go for this?..."
No you are in the right place, you will just not take advice from many man-years of experience
Some more experience from member askbarnabas.
If you suspect your device has been compr… - Apple Community
Don't use unfamiliar cables.
Don't let anyone use your open phone out of your sight
Reset the phone to factory and set it up without restoring any backup.
Do not jail-break.
You are then safe from ANY attempts to access your data.
Sysdiagnose file
