Y luego dicen que soy paranoico...

Quod scripsi, scripsi!

IPhone Takes Screenshots of Everything You Do

By Brian X. Chen September 11, 2008 | 1:26:34 PMCategories: Apple, iPhone, iPhone Hacks

Your iPhone is watching you.

If you've got an iPhone, pretty much everything you have done on your handset has been temporarily stored as a screenshot that hackers or forensics experts could eventually recover, according to a renowned iPhone hacker who exposed the security flaw in a webcast Thursday.

While demonstrating how to break the iPhone's passcode lock in a webcast, iPhone hacker and data-forensics expert Jonathan Zdziarski explained that the popular handset snaps a screenshot of your most recent action -- regardless of whether it's sending a text message, e-mailing or browsing a web page -- in order to cache it. This is purely for aesthetic purposes: When an iPhone user taps the Home button, the window of the application you have open shrinks and disappears. In order to create that shrinking effect, the iPhone snaps a screenshot, Zdziarski said.

The phone presumably deletes the image after you close the application. But anyone who understands data is aware that in most cases, deletion does not permanently remove files from a storage device. Therefore, forensics experts have used this security flaw to gather evidence against criminals convicted of rape, murder or drug deals, Zdziarski said.

"There's no way to prevent it," Zdziarski said during the webcast. "I'm kind of divided on it. I hope Apple fixes it because it's a significant privacy leak, but at the same time it's been useful for investigating criminals."

And though the handset only snaps screenshots when users press the Home button, Zdziarski said this is only one way forensics experts collect evidence. Other methods include taking data from the iPhone's keyboard cache, Safari cache, Google Maps lookups and so on. Experts and hackers can also recover deleted photos or e-mails from months ago.

In addition to exposing the privacy leaks, Zdziarski walked webcast attendees through the steps required to bypass an iPhone's passcode in order to gain full access to it.

The method didn't look all that easy, but Zdziarski said it could take as little as 60 seconds to break the iPhone's security. To make a long story short, the process involved using Pwnage to create a custom firmware bundle and tweaking it with rather arcane methods to delete the iPhone's passcode protection. Once set up, the technique can be used over and over on different iPhones, Zdziarski added.

Despite the intricacy of the method, Zdziarski stressed that anybody with the time and digital sophistication has the ability to break the iPhone's security.

"This flaw can only be exploited by somebody with physical access to a device, but your phone could get into the hands of someone with more malicious intent," he said. "Obviously, you don't want to trust any of your data to a passcode."

A full recording of the webcast, hosted by O'Reilly, will be available shortly. We'll post a link as soon as it's available.

Those interested in learning how to break iPhone security can pre-order Zdziarski's book iPhone Forensics: Recovering Evidence, Personal Data, and Corporate Assets.

Apple did not return phone calls for comment.

Updated 11:40 a.m. Friday with some clarifications from Zdziarski.

Traduzco el párrafo que describe cómo funciona esto:

Jonathan Zdziarski explained that the popular handset snaps a screenshot of your most recent action -- regardless of whether it's sending a text message, e-mailing or browsing a web page -- in order to cache it. This is purely for aesthetic purposes: When an iPhone user taps the Home button, the window of the application you have open shrinks and disappears. In order to create that shrinking effect, the iPhone snaps a screenshot, Zdziarski said.

The phone presumably deletes the image after you close the application. But anyone who understands data is aware that in most cases, deletion does not permanently remove files from a storage device. Therefore, forensics experts have used this security flaw to gather evidence against criminals convicted of rape, murder or drug deals, Zdziarski said.

Jonathan Zdziarski explicó que el popular artefacto hace una captura de su acción más reciente -aún cuando sólo esté enviando un mensaje, un e-mail o navegando por alguna página- con la finalidad de 'cachearlo'. Esto tiene propósitos meramente estéticos: cuando un usuario de iPhone oprime el botón 'Home', la ventana del programa que se ha ejecutado 'se contrae' y desaparece. Para poder crear ese efecto, el iPhone toma una fotografía, dijo Zdziarski.

Se asume que el teléfono borra la imagen después de que el programa se ha cerrado. Pero cualquiera que entienda de datos advierte que en la mayor parte de los casos, el borrado no remueve permanentemente archivos de un dispositivo de almacenamiento. Por esto, los forenses expertos han usado este fallo de seguridad para reunir evidencia contra criminales procesados por violación, asesinato o venta de estupefacientes.

Ahora sí, llámenme paranoico.