Rogue apps could affect non-jailbroken iPhones | iLounge News


Rogue apps could affect non-jailbroken iPhones

A Swiss iPhone developer has published research that indicates that security vulnerabilities affecting the iPhone are not limited to jailbroken iPhones. Developer Nicholas Seriot has created a proof of concept app called SpyPhone as a demonstration of how Apple’s own APIs could be misused to read or edit a user’s address book or gain access to a user’s web surfing history or recent location information. For such attacks to succeed, a malicious application would still need to get past Apple’s App Store approval process to be available for non-jailbroken iPhones, however this is not outside of the realm of possibility as such an app would not require the use of any exploits or third-party APIs, and the spyware portion could be hidden by delayed activation or an encrypted payload.

The security researcher detailed these potential iPhone privacy risks in a talk he delivered in Geneva on Wednesday, during which he also outlined possible defense strategies, suggesting that Apple should design the iPhone OS to require users to authorize read or read-write access by iPhone applications to potentially sensitive on-device information such as the Address Book, add firewall functionality to the device and ensure the keyboard cache is not as readily available to third-party applications. (via The Register).

Related Stories



Authorisation of access to Photos and Contacts sounds pretty unobtrusive, as long as it doesn’t end up being something similar to Windows UAC.

It’s unpleasant when I have to authorise an App for Location Services, but authorising it for Photo and Contact services too may tip over the edge. It’s still preferable to the alternative though.

The iPhone is still more secure than the iPhone+Jailbreaking.

Posted by Dan Woods in Toronto on December 4, 2009 at 2:47 PM (CST)


If such an app was to get through the app store approval process then Apple still have a kill switch that and remove such programs. Therefore this is a bit of a non issue.

Posted by Chuck in Toronto on December 4, 2009 at 4:07 PM (CST)

Subscribe to iLounge Weekly

Sign up for the iLounge Weekly Newsletter

iLounge is an independent resource for all things iPod, iPhone, iPad, and beyond.
iPod, iPhone, iPad, iTunes, Apple TV, Mac, and the Apple logo are trademarks of Apple Inc.
iLounge is © 2001 - 2018 iLounge, Inc. All Rights Reserved. Terms of Use | Privacy Policy