• The Register (UK), Friday, December 4, 2009 2:52 PM

New research is challenging the popular perception that iPhones are totally safe, especially if users don't "jailbreak" or unlock their phones. Swiss iPhone developer Nicolas Seriot has published research on security shortcomings that could create a mechanism for hackers to lift data from regulation iPhones. Email accounts, keyboard entries held in cache and browser history files can all be potentially exposed by a malicious app, according to the report.

Seriot has even developed a proof of concept app, called SpyPhone, in order to demonstrate how Apple's own APIs might be misused to read or edit a user's address book, browse web surfing history, recent GPS position and more. Attack scenarios detailed by Seriot rely on tricking Apple into granting approval to a malicious app, which The Register considers to be considerable though perhaps not "unsurmountable" hurdle for hackers.

Read the whole story at The Register (UK) »