Sunday, September 14, 2008

iPhone says: "I remember whatever you've just done"

It's like that stupid horror movie's title: I Know What You Did Last Summer (and the sequel too!), this another security concern for your shiny iPhone is also like that. First, let's take a look at the horror parts.

Reported by
Wired blog: iPhone hacker and data-forensics expert Jonathan Zdziarski explained that the popular handset snaps a screenshot of your most recent action ... This is purely for aesthetic purposes: When an iPhone user taps the Home button, the window of the application you have open shrinks and disappears. In order to create that shrinking effect, the iPhone snaps a screenshot, Zdziarski said.

The iPhone presumably deletes the images after you close the applications, but anyone who understands data is aware that in most cases, deletion does not permanently remove files from a storage device. "There's no way to prevent it," Zdziarski said during the webcast. "I'm kind of divided on it. I hope Apple fixes it because it's a significant privacy leak, but at the same time it's been useful for investigating criminals."

What's the 'stupid' thing about this for me? Well, Apple has sacrifice the security just for the cool fade effect in iPhone. All are in the purpose to be the most good looking UI in mobile phones, and like Zdiarski has said that the method didn't look all that easy, but it could take as little as 60 seconds to break the iPhone's security. And anybody with the time and digital sophistication has the ability to break the iPhone's security.

And so how to prevent your precious data leak to unwanted hands? Here's the tip from Zdziarski: "This flaw can only be exploited by somebody with physical access to a device, but your phone could get into the hands of someone with more malicious intent," he said. "Obviously, you don't want to trust any of your data to a passcode."

Right, so from now on there'll be no more borrowing my iPhone to any of you! You said... ~LOL~

[blogged with my Treo 750v]

No comments: