[jatoben]

An IT tech isn't going to want to enable developer mode on Joe User's iPhone just to find out why it can't get an IP or join the VPN. The device still has to be paired with a Mac (and on iOS 7, unlocked and the Trust button tapped) in order to activate pcap.

[iamshs]

" The Pcapd service, for instance, allows people to wirelessly monitor all network traffic traveling into and out of the device, even when it's not running in a special developer or support mode. "

So does this mean a private key ripped off a paired Bluetooth speaker ends up pwning me? If you are taking case of IT, I think a valid hacking scenario also needs to be considered. Furthermore, all the data in available un-encrypted. I don't know how comfortable I would be with that. Also, once trusted means permanently a slave?

[dunham]

This only allows access to the raw packets that are being broadcast over wifi/cell. (It's like tcpdump, if you're familiar with that.) For stuff sent encrypted over the internet (https/imaps/etc), it's pretty much useless. If stuff is being sent unencrypted, there are other means of looking at it anyway.

The "pairing" refers to when you connect via a USB cable and say "trust this computer". (The iOS device must be unlocked.)

An encrypted copy of the some keys are sent to the computer. These allow the iOS device to decrypt data that normally can only be decrypted after the passcode is entered. (Making it possible to back up the device without entering the passcode.) Those encrypted keys can only be decrypted by a trusted computing module on that specific device. So you are kinda screwed if someone has both your laptop and your iphone, and they have Apple-level access to the iphone. I recommend using file vault or other full disk encryption to protect your laptop.

[jatoben]

The Escrow Keybag is described in the iOS Security Guide, page 14:

http://www.apple.com/ipad/business/docs/iOS_Security_Feb14.p...

[makomk]

Yeah, and I think the version of the keys on your laptop and desktop can be copied and used to access your iOS device at a later date if someone gains brief access to any computer paired to it. GCHQ and the NSA apparently have tools to take advantage of this.

[jatoben]

Bluetooth pairing is totally unrelated.

[higherpurpose]

It's too much of a security liability for most of Apple's market. It shouldn't be there. Some slight convenience for 5 percent of Apple's market isn't a good trade-off.