Talk on iPhone Privacy
December 3, 2009
[2009-12-15] I'm glad to announce that I will be presenting an enhanced version of this talk at Black Hat DC 2010.

I presented a talk on iPhone privacy for a local iPhone developers group on Wednesday night in Geneva.

I called the following Apple claim into question:

Applications on the device are "sandboxed" so they cannot access data stored by other applications.

In addition, system files, resources, and the kernel are shielded from the user's application space.

Source: iPhone in Business - Security Overview

I showed that it is not exactly true and demoed SpyPhone, an application collecting personal data on a non-jailbroken iPhone, without using private APIs.

A demo project called SpyPhone is on GitHub.

Many thanks to Akosma who was there and took this photo.

[2009-12-05] iPhonePrivacy.pdf was slashdotted and downloaded 11000 times in 24 hours, 27000 in one week. A big thumbs up to metanet.ch who perfectly handled the load!

[2009-12-11] MogoRoad wants to make clear that it didn't use a hack to get the users' phone numbers and did not violate Swiss law (pdf).

Interviews:

[2009-12-04] mac4ever.com
[2009-12-07] 20min.ch
[2009-12-09] heise.de
[2009-12-09] tagesanzeiger.ch / bazonline.ch
[2009-12-13] sonntagszeitung.ch
...

Press and blog reports:

[2009-12-04] slashdot.org
[2009-12-04] theregister.co.uk
[2009-12-04] macworld.com
[2009-12-04] zdnet.com
[2009-12-04] pcworld.com
...