AOH :: IS1115.HTM

IPhone Takes Screenshots of Everything You Do




IPhone Takes Screenshots of Everything You Do
IPhone Takes Screenshots of Everything You Do



http://blog.wired.com/gadgets/2008/09/hacker-says-sec.html 

By Brian X. Chen 
Gadget Lab
Wired.com
September 11, 2008

Your iPhone is watching you.

If you've got an iPhone, pretty much everything you have done on your 
handset has been temporarily stored as a screenshot that hackers or 
forensics experts could eventually recover, according to a renowned 
iPhone hacker who exposed the security flaw in a webcast Thursday.

While demonstrating how to break the iPhone's passcode lock in a 
webcast, iPhone hacker and data-forensics expert Jonathan Zdziarski 
explained that the popular handset snaps a screenshot of your most 
recent action -- regardless of whether it's sending a text message, 
e-mailing or browsing a web page -- in order to cache it. This is purely 
for aesthetic purposes: When an iPhone user taps the Home button, the 
window of the application you have open shrinks and disappears. In order 
to create that shrinking effect, the iPhone snaps a screenshot, 
Zdziarski said.

The phone presumably deletes the image after you close the application. 
But anyone who understands data is aware that in most cases, deletion 
does not permanently remove files from a storage device. Therefore, 
forensics experts have used this security flaw to successfully nab 
criminals who have been accused of rape, murder or drug deals, Zdziarski 
said.

"There's no way to prevent it," Zdziarski said during the webcast. "I'm 
kind of divided on it. I hope Apple fixes it because it's a significant 
privacy leak, but at the same time it's been useful for investigating 
criminals."

[...]


__________________________________________________      
Register now for HITBSecConf2008 - Malaysia! With 
a new triple-track conference featuring 4 keynote 
speakers and over 35 international experts, this 
is the largest network security event in Asia and 
the Middle East! 
http://conference.hackinthebox.org/hitbsecconf2008kl/ 

Site design & layout copyright © 1986-2014 CodeGods