Stories
Slash Boxes
Comments

News for nerds, stuff that matters

Slashdot Log In

Log In

[ Create a new account ]

iPhone Takes Screenshots of Everything You Do

Posted by kdawson on Friday September 12, @01:11PM
from the watchbird-is-watching-you dept.
The_AV8R writes "Jonathan Zdziarski showed that every time you press the Home button on your iPhone, a screen capture is taken in order to produce a visual effect. This image is then cached and later deleted. Zdziarski says that there have been cases of law enforcement looking up sex offenders' old data and checking recovered screenshots." This revelation occurred in the midst of a webcast on iPhone forensics, demonstrating how to bypass the iPhone's password security (not trivial, but doable). Video from the talk is not online yet but is promised soon over at O'Reilly.

Related Stories

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
 Full
 Abbreviated
 Hidden
More | Login | Reply
Loading... please wait.
  • FUD (Score:4, Funny)

    by Ethanol-fueled (1125189) * on Friday September 12, @01:14PM (#24980929) Homepage
    From TFA:

    Therefore, forensics experts have used this security flaw to successfully nab criminals who have been accused of rape, murder or drug deals, Zdziarski said.

    iPhone: the tool of choice for rapists, murders, and drug dealers!

    Joking aside, the article is puzzling and it reeks of FUD: if the iCrooks were bad enough to get the authorities to actively track and sieze their data then they deserve to be caught for being too stoopid to buy disposable phones in cash from 7-11. Even Johnny dormroom pot- dealer knows that!

  • by AndyG314 (760442) on Friday September 12, @01:22PM (#24981073) Homepage
    What type of incriminating things are sex ofenders doing with their iPhones.
  • Pragmatic (Score:4, Funny)

    by mfh (56) on Friday September 12, @01:23PM (#24981089) Homepage Journal

    It's pragmatic to not press the home button when doing home invasions or killing people, I guess.

    • Re:Pragmatic (Score:4, Informative)

      by Em Ellel (523581) on Friday September 12, @01:34PM (#24981313)

      It's pragmatic to not press the home button when doing home invasions or killing people, I guess.

      Although you are probably technically right, unless you are killing them with a scathing email, or nasty AC troll post - it is not likely that the home button will matter. It captures the screenshot of what is on your screen - not from the camera. (unless you happend to have the camera app on at the moment of course)

      -Em

  • What's the problem (Score:5, Interesting)

    by KasperMeerts (1305097) on Friday September 12, @01:26PM (#24981161)
    So it takes a screenshot for some effect? Is there even a way to do this without taking a screenshot? A way that is easy enough to be performed on a smartphone?

    And what did you expect from Apple? That every bit of data that was discarded is overwritten ten times? Jeez, I enjoy bashing big companies as much as the other guy but now they're looking too far. Remember, it also saves your web history, every picture you took, every file you opened everything you did somewhere...
    • by fermion (181285) on Friday September 12, @02:11PM (#24981933) Homepage Journal
      Sometimes it is just interesting to think about security, and security choices that are made. Certainly the security incompetence of most manufactures does not reach the level of homeland security, but neither does the security issues. It still is interesting to think about. For instance, the iPhone shows one letter of the password for usability, and this is likely worth the security compromise. Many web browser automatically cache a large number of previous web pages, and a large amount of history, so any minimally competent sleuth can determine everything you have done for the past week. This has security implications, yet when Firefox implemented the very reasonable privacy feature, they get ridiculed with installing a porn filter. In fact such history and cache can be argued to be a unnecessary security risk that should not be turned on by default, but the compromise has been made.

      In this case, a potential security issue has been introduced for the purpose of look and feel. While the headline is sensational and seems to be written by a person with no technical background or understanding fo the iPhone, the point remains. Pictures of what you are doing prior to pressing the home button are taken, and stored for some indeterminate amount of time. This is like the browser issue, likely not a big problem. OTOH, there does not seem to be an option under the general/home button menu to turn off this effect, so there is no way for persons worried about the issue to turn it off. It is an interesting problem.

  • by Artraze (600366) on Friday September 12, @01:33PM (#24981291)

    It turns out that you browser will store all the information needed to recreate the web pages you visit! Not just a screenshot! This critical flaw appears to have present for years in all known browsers! The end is near!

    Seriously? Come on. I know ./ likes to post anything related to the iPhone, especially if it involves "spying", but this is pretty uninteresting. Security is traded for speed and features on a daily basis, including places where do so presents a major risk (*cough*Outlook). This is really not too surprising since it trades at most a little privacy in exchange for a neat effect; what would you expect Apple's iCandy to do?

  • fud (Score:4, Insightful)

    by sam_paris (919837) on Friday September 12, @01:38PM (#24981375)
    Tag this article as fud, because that's what it is. Any excuse to bash apple and/or iphone.. Really, if we're going to get upset about this, let's get upset about browser caching, cookies, history.. etc etc
  • by Nuclear Elephant (700938) on Friday September 12, @01:54PM (#24981637) Homepage
    I _am_ Jonathan Zdziarski and even I don't understand why this is news.

    This was a side note I mentioned the other day, and has been something I've been grousing about for over a year. It's unnecessary, and a bit of a privacy leak that can be exploited by forensic examiners, but hardly news for the reasons already stated in the comments.
    • Re:It's nice to know (Score:5, Interesting)

      by mmkkbb (816035) on Friday September 12, @01:22PM (#24981077) Homepage Journal

      Errr, it's not phoning these screenshots home. You must have a problem with .bash_history too, right? Caching your keystrokes! OMG!

      • Re:It's nice to know (Score:4, Interesting)

        by Hyppy (74366) on Friday September 12, @01:38PM (#24981365)
        It's trivial to disable logging to .bash_history. What about for this?
      • by Subliminalbits (998434) on Friday September 12, @01:41PM (#24981421)
        Don't forget the page file. The horror; your computer is constantly taking screen shots of your applications ram and storing them on the hard drive!
        • by Firehed (942385) on Friday September 12, @01:53PM (#24981615) Homepage

          Sure, if you overwrite your firmware (jailbreak), enable SSH access to the phone, and then NOT change your root password. Quite frankly, you deserve it at that point.

          Sounds like yet another sensationalist (and completely inaccurate) headline pointing to a non-story. Unless some pervert is hits the home button while trying to take a (crappy, borderline-useless unless it's being done in full daylight) picture of himself raping a kid, AND law enforcement not only knows to look for this cached file, I don't really see this being an issue. I suppose it could possibly be used as supplemental evidence when a case is being built up, but the actual AIM chat logs, sent emails, phone call history (all of which are far more accessible) and such would be far more potentially incriminating.