Now that makes for an interesting opening. When a user taps the iPhone's home button it shrinks and disappears which is a nice looking effect. The problem is that the iPhone is taking a screenshot of the screen contents to create that effect, which means that it may spill information that it is not supposed to. The screenshot can be of anything including emails, sms, notes, contacts or websites.
The screenshots get deleted after the application is closed and most users would think that this is the end of the story but there is a twist according to security researcher Jonathan Zdziarski who was able to recover deleted screenshots that would show him exactly what a user was doing at a given time.
A screenshot is taken every time the home button is pressed, and while it gets deleted when the app is closed, file recovery software may be able to retrieve the deleted information.
This however is not the only privacy risk. Everything that gets at least temporarily stored in storage may be recoverable including keyboard and Safari cache, deleted emails and pictures.
Someone does need physical access to the device to recover data but it is possible. The main issue here comes to light when a phone is sold, given away to someone else, or stolen, as recovery of data may reveal information about the previous owner of the phone.
Will probably be only a matter of time before someone creates or edits a disk eraser so that it can wipe the unused space of the iPhone regularly to avoid this situation.
The security researcher noted furthermore that the iPhone's passcode protection can be bypassed by anyone with enough technical know-how to do so. While the method described requires the creation of a custom firmware for the iPhone, it is something that can be used over and over again once created on the same model.Advertisement
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.