iPhone iSpy? Hacker says device captures it all

The iPhone is recording everything users see and do on their devices for caching purposes, an iPhone hacker says.

The device records screenshots of a user's most recent action so that it can achieve that cool effect of applications fading away when the home button is clicked, according to Jonathan Zdziarski, who wrote the forthcoming book iPhone Forensics: Recovering Evidence, Personal Data, and Corporate Assets.

The screenshots are presumably deleted after the application is closed, but they can be recovered with forensics techniques just like data deleted from most any storage device can be reconstructed for purposes of law enforcement, he said in a Webcast on Thursday in which he demonstrated how to break into password-protected iPhones.

"There's no way to prevent it," Zdziarski said of the screenshot caching, according to a Wired report. "I'm kind of divided on it. I hope Apple fixes it because it's a significant privacy leak, but at the same time it's been useful for investigating criminals."

Meantime, breaking into a passcode-locked phone took him nearly an hour to demonstrate and required creating a custom firmware bundle, the report said. The issue is different from a security hole discovered last month that allowed people to get access to e-mail, text, and voice messages on password-protected phones.

Apple representatives did not respond to an e-mail seeking comment for this story.

[setgo]

CNET article #4 and counting. Hey CNET isn't the Zune worth hacking or writing about?

[MCOjerry]

^no.

[johnqh]

Oh come on, any Mac/iPhone developer would know that's not some "screenshots". It is how the OS works - it doesn't redraw continuously. The app draw once, and the image is stored in memory and bitblt when displaying is needed.

That is the fundamental of the OSX/iPhone programming. I cannot believe it becomes news on CNET.

And no, the "cache" is in RAM, not on storage. Get over it, if a hacker can access the image, he can access the raw text data, which would be much more useful.

So, I suggest him to publish a report that Word load the document in memory and can be hacked, and suggest Microsoft not to load a document when loading a document....I am sure CNET will make it a front page story.

[Cube Over]

Cracking the iPhone after getting physical access is no news. It's just like "breaking" into your car/home (far more valuable assets, don't you think?) after getting physical access to your keys.
In other words - physical access ruled and still rules! :)

[ferretboy88]

Phones=insecure

[SirRobinOfPennsynvania]

A new round of hacking is being ushered in. Payment on a mobile phone faces it biggest hurdle, security. Individuals cannot afford to have a security team watching their phone and protecting it.

[Ben_Bowers]

This type of privacy issue while disturbing shouldn?t really shock anyone. Text messages, phone calls, and emails, can be intercepted. Plus having GPS functionality allows for detailed tracking of your where abouts at all times. Trust me I?m not some conspiracy theorist whack job.

Eric Hanson was convicted for murdering his parents, largely on the evidence collected from his car GPS system which placed his vehicle near the scene of his parent?s murder at the time they were killed. This is going to be more and more common.

Heck even googling the issue brings up an article from the National Institute of Health talking about how GPS enabled phones can be used to track adolescent behavior and ?perhaps intervene to change health behavior?.

The benefits of technology cut both ways. Everyone should be wary of the fact that with great connective comes enhanced accountability .

Ben Bowers
Contributing Editor for Gear Patrol.
(www.gearpatrol.com)

[fallingyou]

Yikes, this is a bit sensationalist, I have to say. Consider the following:

1. this is no different than any Windows, Linux or Mac ... when files are deleted from storage (HD or SSD), they're only 'marked' as deleted; the data is still available until that part of the storage is written to again with different data

2. if storage _didn't_ work this way, users would _hate_ it -- they wouldn't be able to recover files they accidentally deleted with utility programs that do this

3. the iPhone SDK allows the developer to take a screen shot of the app, but the reason is so that users can launch the app and be brought right to where they were before if possible -- the app loads the screenshot it took while setting up the data structures to match it, so the user doesn't have to start over. Again -- if the SDK didn't allow this, users would complain.

4. the iPhone is not "recording everything users see and do on their devices" ... that's just sensationalist reporting. The camera is not always on, snapping away, the mic is not always recording, and the iPhone is not constantly sending all of your actions and results to some server in Cupertino somewhere.

I think that it is important to keep things in perspective. There is another device that almost everyone carries with them, that contains _loads_ of personal info, is usually _completely_ unsecured, and does not require any sort of hacking at all. It's called your wallet / purse. Would you blame the manufacturer of said wallet / purse if it was stolen and the thief accessed all of the data within it? Would you claim that said wallet / purse was 'insecure' and demand that the manufacturer fix the 'problem'?

We are all responsible for ourselves.

Regards,

John

[Dr_Manhattan]

CNet is worse than ladies gossiping about what Paris Hilton did the other day and who's going to win on Dancing With The Stars! And they know just about as much!