Almost all the reports are getting the gist of the paper wrong -- any press summation that doesn't go into the paper to understand it will get it wrong. The paper goes into deep detail that Apple has several services that, while protected by several layers of security that could be bypassed, can transfer data in the clear. There are also several services that don't have any obvious connecting software.
It's a rather deep hacker-style dive into iOS.
A good video about this is by TWiT Network. At http://twit.tv/sn465 Security Now ep 465 has expert Steve Gibson explain the actual paper.