Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

This project shows the kind of data a rogue iPhone application can collect.

branch: master
Octocat-spinner-32 Classes read iOS photo stream, don't show 0,0 coodinates on map November 11, 2011
Octocat-spinner-32 EXIF added wifi bssid location lookup October 31, 2010
Octocat-spinner-32 FMDB added wifi bssid location lookup October 31, 2010
Octocat-spinner-32 JSON added wifi bssid location lookup October 31, 2010
Octocat-spinner-32 OUILookupTool display wifi access points on the map October 31, 2010
Octocat-spinner-32 Settings.bundle added TV out capabilities January 14, 2010
Octocat-spinner-32 SpyPhone.xcodeproj updated readme November 18, 2011
Octocat-spinner-32 AddressBook.png first version December 02, 2009
Octocat-spinner-32 Default.png display wifi access points on the map October 31, 2010
Octocat-spinner-32 Email.png first version December 02, 2009
Octocat-spinner-32 Icon.png first version December 02, 2009
Octocat-spinner-32 Keyboard.png first version December 02, 2009
Octocat-spinner-32 Location.png first version December 02, 2009
Octocat-spinner-32 MainWindow.xib fixed crash when clicking Photos Map button October 18, 2011
Octocat-spinner-32 Phone.png first version December 02, 2009
Octocat-spinner-32 Photos.png first version December 02, 2009
Octocat-spinner-32 README.markdown Update README.markdown November 22, 2011
Octocat-spinner-32 SPCell.xib first version December 02, 2009
Octocat-spinner-32 SPEmailReportVC.xib display wifi access points on the map October 31, 2010
Octocat-spinner-32 SPImageMapVC.xib display wifi access points on the map October 31, 2010
Octocat-spinner-32 SPImageVC.xib first version December 02, 2009
Octocat-spinner-32 SPSourceTVC.xib first version December 02, 2009
Octocat-spinner-32 SPWebViewVC.xib first version December 02, 2009
Octocat-spinner-32 Safari.png first version December 02, 2009
Octocat-spinner-32 Sources.xib fixed crash when clicking Photos Map button October 18, 2011
Octocat-spinner-32 SpyPhone-Info.plist first version December 02, 2009
Octocat-spinner-32 SpyPhone_Prefix.pch first version December 02, 2009
Octocat-spinner-32 Wifi.png first version December 02, 2009
Octocat-spinner-32 YouTube.png first version December 02, 2009
Octocat-spinner-32 data.png first version December 02, 2009
Octocat-spinner-32 email_mask.png first version December 02, 2009
Octocat-spinner-32 gpl-2.0.txt first version December 02, 2009
Octocat-spinner-32 main.m fixed crash with big photo libraries December 05, 2009
Octocat-spinner-32 report.png first version December 02, 2009
Octocat-spinner-32 white_hat.png first version December 02, 2009
Octocat-spinner-32 white_hat_mask.png first version December 02, 2009
README.markdown

At BlackHat DC 2010, I presented a paper called iPhone Privacy.

In this paper, I call the following Apple claim into question:

Applications on the device are "sandboxed" so they cannot access data stored by other applications.

In addition, system files, resources, and the kernel are shielded from the user's application space.

Source: iPhone in Business - Security Overview

SpyPhone demoes it is not exactly true. It shows the kind of data a rogue application can collect in a non jailbroken iPhone.

These data do certainly interest marketers, spammers, thieves, competitors and law enforcement officials.

Something went wrong with that request. Please try again.