Researcher Warns Of Privacy Risks From Rogue iPhone Apps

Wednesday Feb 3rd 2010 by Staff

Swiss researcher Nicolas Seriot has demonstrated how easily developers can create seemingly harmless iPhone apps that actually steal users' personal information.

cnet: On Wednesday, Swiss Researcher Nicolas Seriot will give a talk at the Black Hat DC security conference where he will explain how rogue iPhone apps could easily access users' personal data. "It turns out that the full Address Book is readable without the user's knowledge or consent," he writes in a paper on the subject.

To demonstrate his point, he created an app called "SpyPhone" that can track a lot of information about iPhone users, including finding the user's location using the built-in GPS and logging keystrokes used to input login credentials. These same capabilities could be hidden in an innocent-looking app like a game and could make it past Apple's screening process.

In fact, Apple has had to remove several applications from the App Store because they contained similar malware. With this in mind, Seriot recommends that "Professional users should avoid running untrusted applications, especially if they are required by law to protect data confidentiality."

Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved