IPhone Takes Screenshots of Everything You Do

BSD

Veteren member
Messages
3,819
Likes
988
iphonescreenshots.jpg


"WIRED.com

Your iPhone is watching you.
If you've got an iPhone, pretty much everything you have done on your handset has been temporarily stored as a screenshot that hackers or forensics experts could eventually recover, according to a renowned iPhone hacker who exposed the security flaw in a webcast Thursday.

While demonstrating how to break the iPhone's passcode lock in a webcast, iPhone hacker and data-forensics expert Jonathan Zdziarski explained that the popular handset snaps a screenshot of your most recent action -- regardless of whether it's sending a text message, e-mailing or browsing a web page -- in order to cache it. This is purely for aesthetic purposes: When an iPhone user taps the Home button, the window of the application you have open shrinks and disappears. In order to create that shrinking effect, the iPhone snaps a screenshot, Zdziarski said.

The phone presumably deletes the image after you close the application. But anyone who understands data is aware that in most cases, deletion does not permanently remove files from a storage device. Therefore, forensics experts have used this security flaw to successfully nab criminals who have been accused of rape, murder or drug deals, Zdziarski said.

"There's no way to prevent it," Zdziarski said during the webcast. "I'm kind of divided on it. I hope Apple fixes it because it's a significant privacy leak, but at the same time it's been useful for investigating criminals."

And though the handset only snaps screenshots when users press the Home button, Zdziarski said this is only one way forensics experts collect evidence. Other methods include taking data from the iPhone's keyboard cache, Safari cache, Google Maps lookups and so on. Experts and hackers can also recover deleted photos or e-mails from months ago.

In addition to exposing the privacy leaks, Zdziarski walked webcast attendees through the steps required to bypass an iPhone's passcode in order to gain full access to it.
Here's the good news: It didn't look all that easy; it took Zdziarski nearly an hour to demonstrate the process, and it would likely take inexperienced hackers far longer. To make a long story short, the process involved using Pwnage to create a custom firmware bundle and tweaking it with rather arcane methods to delete the iPhone's passcode protection.

Despite the intricacy of the method, Zdziarski stressed that anybody with the time and digital sophistication has the ability to break the iPhone's security.
"This flaw can only be exploited by somebody with physical access to a device, but your phone could get into the hands of someone with more malicious intent," he said. "Obviously, you don't want to trust any of your data to a passcode."

A full recording of the webcast, hosted by O'Reilly, will be available shortly. We'll post a link as soon as it's available.

Those interested in learning how to break iPhone security can pre-order Zdziarski's book iPhone Forensics: Recovering Evidence, Personal Data, and Corporate Assets.

Apple did not return phone calls for comment."


LINK:
IPhone Takes Screenshots of Everything You Do | Gadget Lab from Wired.com

Hmm, I''m a big Apple fan, but this Big Brother crap is obviously totally unacceptable !
 
I use iphone but I do not use it to access any finiancial or bank account web pages etc....

About hacking, I think there is NOT a single item controlled by a chip that can't be broken into by a determined hacker....however, an issue is between actual privacy that one must have in a chip controlled gadjet and determined hacking that will compromise it all......

Sometimes I wonder if these 'alarming' facts are not touted by companies who are in process of bringing out a 'firewall' or a 'virus checker'....?

Watch out for a programme that will soon emerge that will 'take care' of these issues....!!
 
  • Like
Reactions: BSD
Lol.

You think that is bad. Let me type what I read in PCW the other day:

"Councils, the Post Office, and a whole range of other public bodies will have access to your email and web records from next March, under plans unveiled by the Home Office.
Service providers will get £46m between them to store records for at least one year, though some already do so.

Details of the plan came in a consultation paper from the Home Office on the implementation of an EC security directive on surveillance drawn up following the 7/7 London bombings.
But the remit has been extended from anti-terrorism to cover other crime, public health , and threats to public safety. Opposition MPs promptly labelled the plan a "snooper's charter".

The retained information will include the times you log on and log off and the times and the destinations of text messages, calls and emails - but not their content or which websites you visited [phew]
Bodies entitled to access the information include councils, health authorities, the Post Office, the Ministry of Defence, the Health and Safety Executive and the Food Standards Agency. Each will have to appoint an authorising officer to approve requests for information.

The consultation document, elegantly entitled Transposition of Directive 2006/27/EC is available at Here. Comments have to be submitted by the end of October."
 
And I hear they are rebuilding the House of Parliament. Planned pictures for next year here.





:whistling
 
Hehe :D

Crikey everyone is off on holiday or whatnots in interesting places these days, whats that flag you're sporting then Ninja ?
 
Top