Skip Links

Network World

Jamey Heary

iPhone raises Privacy concerns: it records screenshots every time you hit the home button

By jheary on Fri, 09/12/08 - 5:36pm.
Newsletter Signup

iPhone hacker, author, and data forensics expert Jonathan Zdziarski, aka. “NerveGas”, revealed a major privacy issue with the iPhone on a webcast yesterday. He disclosed that every time a user pushes the Home button on the iPhone it takes a screenshot of whatever you are doing at that moment. This is done so that Apple can create that cool, page disappearing animation they have. The problem is that these screenshots are saved and can be recovered using basic iPhone forensic techniques like the ones that Zdziarski writes about in his new book.

When you couple the screenshot disclosure with the other focus of his webcast, a demo of how to bypass the iPhone’s passcode lock feature, things get pretty serious. According to Zdziarski, “A custom firmware "passcode cracker" bundle has to be built before someone can break your passcode.” The initial build takes about 15-20 minutes. However, once that is built it only takes about 60 seconds to crack an iPhone of any version. For example, what if you hit the Home button while browsing your e-banking site? You know the page with all of your account info, balances, etc on it. How about if you were VPN’d into your corporate net and were browsing to confidential, internal only websites when you hit the Home button. Now bad guy steals your iPhone, quickly cracks your passcode, and then recovers a boat load of your previously saved screenshots. Not good!

According to Zdziarski, Law Enforcement has known, and taken advantage, of the fact that the iPhone tends to keep a bunch of data hidden and cached. Things like deleted email, screenshots, text messages, pics, etc. can all be recovered using iPhone forensics techniques and used as evidence to convict criminals.

His webcast will soon be posted here for your viewing pleasure http://www.oreillynet.com/pub/e/1093

Zdziarski’s website can be found here http://www.zdziarski.com/

So fellow iPhone users, does this news disturb you as much as it does me?




The opinions and information presented here are my personal views and not those of my employer.

To Be Expected

0
By Anon (not verified) on Mon, 09/15/2008 - 10:10am.

This does not surprise me. Apple has been compared to the "Wolf in sheeps clothing" and this is the latest example. My dislike for them is that they are exactly like Microsoft was 10 years back, but have hided behind dedicated users (such as myself) whom they have taken advantage of over the past 10 years. I used to agree with their stance on security and all the issues with the other systems (read: microsoft), however they are just as bad. I'll take a Linux on an open PC platform any day for my daily workstation and use any phone but my (broken of course) I-phone that lasted only 1 month.

I'm a little confused....

0
By Anon (not verified) on Wed, 04/08/2009 - 1:06am.

I'll concede the issue of the iPhone caching deleted emails and such, but I'm a little confused as to the screenshot issue. You have to push and the home button and then the lock button to take a screenshot. I have had an iPhone 3G for almost a year now, and I have *never* accidentally taken a screenshot, I'm just frankly not sure how that's possible, you have to very deliberately press one button then the other, and release them within a few seconds to take a screenshot.

Think of it this way -- if simply pressing the home button took a screenshot, it would be a pretty useless button -- pressing the home button brings you to (big surprise...) the home screen.

In my opinion, this is making a huge deal out of a virtual non-issue.

I sincerely hope that the date on this article is wrong, and that this was the best information available at the time, otherwise you are very blatantly, if not deliberately, posting misinformation that a few minutes of research would have avoided.

I'm not going to try to argue that the iPhone is the best thing ever and everyone should have one, but if you're going to rip on it, *at least* get your basic facts straight.

I think you're misunderstanding something

0
By Anon (not verified) on Wed, 04/08/2009 - 10:21am.

The phone isn't accidentally taking a screenshot and saying "Screenshot taken! Here it is!" It's taking a screenshot on purpose so it can do the little fade away animation with it. Then it stores it. But it doesn't tell you that it's doing this. Make more sense now?

Why would they store it? Maybe so that the next time the user goes to that application, they can display the last screen used while the application is still starting up. This is an old school way to give the user the impression that the application has started up instantly. Then they hope that by the time you figure out what you're going to do in the app, it has actually loaded and the real interface can be displayed. But the whole point is that it's seamless to the user -- you don't notice screenshots being taken, cached, etc. It just works. That's what apple's all about.

RE: I'm a little confused....

0
By Anon (not verified) on Wed, 04/08/2009 - 10:07am.

Read the article better. The system is taking a screenshot to do it's animation, and it stores it. This is a completely different task then the user requesting the screenshot, and storing it in your photos.

Please RTFA before posting nonsense. Thank you.

What kind of idiot would

0
By Maj (not verified) on Mon, 04/13/2009 - 7:30pm.

What kind of idiot would browse confidential company data and bank websites on an iPhone?

Oh wait, Apple users. Right.

Re: Idiot

0
By Anon (not verified) on Mon, 06/22/2009 - 1:15am.

"What kind of idiot would browse confidential company data and bank websites on an iPhone?"

The same sort of idiot who would use a much more insecure Windows to bank at home, with a idiot bank that uses Windows hooked up to a ATM that uses Windows and visits idiot business who use Windows based POS devices!

How about the idiot Intel and their unfixed (for several years now) cache poisoning rootkits?

Only keep what your willing to lose in a account for online anything, including debit cards.

Keep the larger amounts in other accounts only access-able in person for transfers etc. If the banks screws up or hackers get in, they got no one to blame.

Keep a organized paper trail, banks will lie if they lose your money or try to pass the blame on your computer.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Post new comment

The content of this field is kept private and will not be shown publicly.
  • You can use BBCode tags in the text.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <p> <strong> <i> <br /> <br> <ul> <ol> <li> <dl> <dt> <dd> <blockquote>

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
Welcome, visitor. Register Log in
Advertisement:
About Cisco Security Expert

Jamey Heary, CCIE No. 7680, is the author of the Cisco NAC Appliance: Enforcing Host Security with Clean Access book by Cisco Press. Jamey is a seasoned security technologist with over 15 years in the IT field with 10 years focused on IT security. His areas of expertise include network and host security design and implementation, security regulatory compliance, and routing and switching. His other certifications include CISSP, CCSP, and Microsoft MCSE. He is also a Certified HIPAA Security Professional. Jamey is currently a Security Consulting Systems Engineer with Cisco, though the opinions expressed here are his own. Jamey is a member of Network World's Cisco Subnet blog community.

Contact him.