
Is it possible to have a remote user on your iPhone if you never set one up?

My iPhone over the last couple of months has been acting very weird - I cannot turn it off, my battery dies in 2 hours, it switches screens on me in the middle of me doing something.


I have both "user processes" and "root user processes" running all of the time


I have never set up a root user


I live with my boyfriend who has a Mac, iPad and iPhone - we use the same wireless network

He has Vuze and BitTorrent, both of which I can't seem to run properly, as the way they are saved or locked I cannot access the files - he also has VMware Fusion - again I am unable to run it -


I was told by a friend to turn on my data and watch it to see which programs or applications that I have could be possibly malfunctioning - since then I have noticed in my data the following:


there are ports on my connections which I have looked up and are all associated with hacking - 5353-5433-6401-5223--80 - so many more I can't bear to look through all the data I have saved - I am not technology savvy - the whole process of trying to figure out if this is true or even possible is emotionally and mentally draining -


in my data there are key logs some short some long- some private some public?


key logs

which have information such as -

encodin=UTF-8"?><DOCTYPEplist PUBLIC"-aplle//dtdplist 1.0//EN


key com.apple OTAcrashcopier.successfulSubmissionTime<\key>

array

after multiple list with temperature 1 through 8- which each have a list

<real>a number<real>


it says key com.apple.springboard.thermallevels key array


<key> adlogcreation date</key>


<key>metadata</key>

<dict>


<key>ADuserIntefaceLanguage<key/>


<string> en </string>

<key> adusersetregionformat<key/>

<stiring> US </string>

<dict/>

then a list of

<Key>ad scalars<key/>

<dict>

<key/> appActivationCount.com.apple.ApStore<key>

integer 1 interger

and it then does that for each one of my applications including

count maps

mobilesms

preference

mobilemail

mobilephone

mobilesafari

key appbackgroundactive time

integer 0 interger

and goes through a list of keys associated with again each of my apps


and so on and so on


another key log-

7deviceid- a bunch of letters and numbers

then

isAnonymous:True

deviceConfigID:152

trigertime: numbers

trigger ID-655363

profileld:152998

investigation ID: 0

location udatesession

timestamp:numbers

timestampend:numbers


desired accuracy:-1

cellavilable:true

wifiavailable:true

passcodeLocked:false

airplanemode: false

ttff:0

ttffGPS:0

accessoryused:false

reachability: 1

power : true


there are a bunch of key logs, all different


system data logs with the following

JS:its.sf6.Bootstrap.init:initialize

JS:its.defer.bootstrap._renderpage component render complete


I have in data reports and connections the words:


local remote peer

Hash



my external IP changes constantly even at home -


ROOT user - (never made one)

keybagd running on my root user processes- PID 1455 PPID 1 priority : 17

sandboxd- PID 1452 PPID 1

filecoordination - PID 103 PPID 1

networkd?privile PID 72 PPID 1

Syslogd PID 18 PPID 1

usereventagent PID 13 PPID 1

kernal_task PID 0 PPID )
launchd PID 1 PPID 0

plenty more


in routing tables internet (10)

destination :127 gateway:127.0.0.1


destination:192.168.1.1 gateway:0:18:39:7c:46:d9


destination:default

gateway - 192.186.1.1


gateway pdp_ip0




internet(6) which will have about 150 destinations and gateways listed at once sometimes -


destinations can be fe80::f2dc:e2ff:fe20:e5e7%en0 flag- UHLWLi gateway f0:dc_e2:20:e5:e7 (these are always changing ) sometimes they say link7 sometimes fe80::1%Io0 or 98:d6:bb:751a:f3 or b8:17:c2:28:d6:90 or 4c:b1:99e8:26:21 linl#1 0:26:8:a2:8:2f c:77:1a:a5:4:2f 6c:c2:6d:b0:21:c2



connections on my phone: I have the following categories-

in each one the number of connections constantly changes - tcp4 running the most -

udp6 and udp4 mostly look as typed below but occasionally, if I check at the right time, there are multiple - and rarely have the remote port

icmp66 - even more rare that I catch that

never port numbers


These change even while I have closed all apps and am doing absolutely nothing with my phone


tcp4


remote user 17.172.232.133.442

remote user 173.194.74.121:80 -


remote user- 17.172.232.166 : 5225


udp4- local not list - *;*

remote *:*

hostname: n/a


local: *:5353

remote: *:*

hostname: N/A


udp6

local *:5353

remote *:*

hostname- N/A


local: *:55543

remote:*:0



icmp66 local *:0 and remote *:0

with hostname N/A


data logs -

localpeer ID: mobile. 1FDC29D7-2B67-5231-9375-3BDC30E405F, store name:userdictionary, modelversionhash: SAIQVUhF7208e6_gvZx_zdKx1UAzKGem3HO2pLKjgY=ubiquityrootlocation: pfubiquitylocation: 0x1ed87c50 mobile documents/com-apple[textinput/dictionaries


springboard

bbbehavioroverride :transition date should be after provided date


searrchd

indexed all records


searchd

finished getting all applications






remote hostnames from akamaitechnologies

so much more crap but I'm not sure what would be more useful to get my answer - I know some of this stuff is totally normal from all the research I did but I also found a lot which I am very uncomfortable with - I have updated my phone and everything - it continues

iPhone 4S, iOS 6

Posted on Sep 28, 2012 5:10 PM

Question marked as Best reply

Posted on Aug 31, 2016 6:34 PM

A number of things clued me in to the probability of Lawful Intercept interfering with my device:

*The most telling incident happened an hour or so after I updated to 9.3.5. Somehow the name under settings>general>about changed from "Rebecca's iPhone" to "TOP Station 2's iPhone"

*'Pegasus' is on my device. Pegasus is sold to law enforcement agencies and the like. Not the public.

* They accidentally sent to my voicemail a recorded conversation between myself and two other people.

* all of my accounts have been hacked, yet none of my money has been stolen or used.

* and one other thing that happened at 3 am today - something that I don't care to disclose - confirmed it.

* IP addresses in my diagnostics logs trace back to the DoD network information center in Columbus OH.

* Entries in my diagnostics include: 'gas-gauge meter' (iodb2 device), fingerprint storage and enrollment info, cellular LacTac Change logs, FUD state entries, RATs, bird, Pegasus...

I can keep going with the list of symptoms and manifestations for quite a while, but off the top of my head those are the ones that relate to surveillance and L.I.

60 replies

Sep 15, 2015 3:47 AM in response to 19Split47

19Split47 has the right idea for a good starting point, especially if someone had physical access to your device. If your device has Cydia or appears to be jailbroken, it's safe to assume you are 100% compromised. See also Cellebrite https://en.m.wikipedia.org/wiki/Cellebrite and Fin Fisher for NSA/FBI grade surveillance tools. But that's not all - Apple itself provides a few very worrisome back doors to your iDevices as well! Research iOS port 62078 & com.apple.pcapd or simply read this article http://m.theregister.co.uk/2014/07/21/ios_firmware_contains_packet_sniffer_and_host_of_secret_spying_tools/ if you really want to start losing more sleep at night.

In addition, bad guys can get in by hacking your home network router if it hasn't been properly secured (by changing the default login to the generic router setup page or not using WPA2 AES Wi-Fi security protocols, etc.) (see http://hackersdontwin.com/?cat=139). Ditto if your laptop, desktop, printer or really ANY ELECTRONIC DEVICE that is not properly secured or that contains a security hole or weakness (and there is not a device in the world that DOESN'T), your entire network and everything attached to it can be accessed. That is the reality of the connected world we live in. Even newer cars these days are coming with factory installed internet access, and yes they can and already have been hacked fairly easily and remotely (without ever being anywhere near the vehicle in the physical sense of the word). Personally, I have tried to learn to accept these realities as circumstances which are far beyond my ability to control them for the most part. So I take reasonable precautions to try to mitigate the risks, but I don't obsess over it nearly as much anymore because it is a losing proposition and a sanity and life-sucker if you allow it to be!!!

But having said all of that, here are a few links for those of you who may prefer to press on in a quest for a better understanding of the situation at hand:

Demystifying iOS Crash Logs- http://www.raywenderlich.com/23704/demystifying-ios-application-crash-logs

iOS Developer Library- https://developer.apple.com/library/ios/navigation/index.html?filter=bonjour

Acronym Definitions- http://www.rfc-editor.org/rfc-style-guide/abbrev.expansion.txt

I wish you the best of luck but remember, the best way to beat these people at their own game is to live a happy and fulfilling life DESPITE their ridiculously invasive attacks and actions!

Aug 31, 2016 6:02 AM in response to Rebkawhy

Rebkawhy wrote:


I too have been having the same problems. I have come to find out that my phone is being monitored and my data undergoing "lawful intercept" and everything I do is being routed through the department of defense network information center in Columbus Ohio

Your issue is well beyond the scope of what anyone in this forum can do to assist you. Consult an attorney.

Aug 31, 2016 9:26 AM in response to IdrisSeabright

Thanks for the response! Any suggestions as to who might be able to help me? I reached out to the ACLU, this was their response:

Dear Ms. xxxxxxxx


Unfortunately, the ACLU Foundation of Kansas will be unable to assist you with this matter. We are a private, non-profit organization with limited staff and other resources; therefore, we must be very selective in the cases we pursue. We do not have anyone on staff with the expertise to handle cases involving allegedly covert electronic surveillance; therefore, your case does not meet our selection criteria at this time.

We wish you the best in reaching a satisfactory resolution of your concerns.

Legal Department

American Civil Liberties Union Foundation of Kansas

Aug 31, 2016 9:33 AM in response to Rebkawhy

Where are you learning that this is a "lawful intercept"? You could always check with the US Attorney's office for your district, and see if they can answer. A lawful intercept requires a judge's order, so there has to have been one in that area if this is actually a truthful statement that it is a lawful intercept. Again, I would be curious as to where you learned this information.

Nov 6, 2016 4:13 AM in response to alteric

I found getting a great data plan and using my data instead of wifi, Apple has been able to catch most all bugs. I was hacked by someone making up an online account to get full access to my information. I went to an ATT corporate store and told them of the fraud. They had me so locked out and in control of my own phone I was at their mercy. Which was scary because of location services, iCloud account, I was so blocked and had just switched to an iPhone, I was lost. But ATT FIXED IT! Took off my online access and blocked that, plus put a new SIM card in and voilà, they were out of there. Of course I have turned off all my location services except a few and have 3 different Apple IDs, but all 3 devices are synced and basically it's worth the money for the data! If I use wifi I make sure I use one search engine and clear my data immediately!


Just an FYI. I do have the new iPhone 7 and use my fingerprint to access just about everything!
