This project shows the kind of data a rogue iPhone application can collect.
Objective-C C
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.
Classes
EXIF
FMDB
JSON
OUILookupTool
Settings.bundle
SpyPhone.xcodeproj
AddressBook.png first version Dec 2, 2009
Default.png
Email.png first version Dec 2, 2009
Icon.png first version Dec 2, 2009
Keyboard.png
Location.png first version Dec 2, 2009
MainWindow.xib
Phone.png first version Dec 2, 2009
Photos.png first version Dec 2, 2009
README.markdown Update README.markdown Nov 22, 2011
SPCell.xib
SPEmailReportVC.xib display wifi access points on the map Oct 31, 2010
SPImageMapVC.xib display wifi access points on the map Oct 31, 2010
SPImageVC.xib
SPSourceTVC.xib
SPWebViewVC.xib
Safari.png
Sources.xib fixed crash when clicking Photos Map button Oct 18, 2011
SpyPhone-Info.plist
SpyPhone_Prefix.pch first version Dec 2, 2009
Wifi.png first version Dec 2, 2009
YouTube.png
data.png first version Dec 2, 2009
email_mask.png
gpl-2.0.txt first version Dec 2, 2009
main.m fixed crash with big photo libraries Dec 5, 2009
report.png
white_hat.png first version Dec 2, 2009
white_hat_mask.png first version Dec 2, 2009

README.markdown

At BlackHat DC 2010, I presented a paper called iPhone Privacy.

In this paper, I call the following Apple claim into question:

Applications on the device are "sandboxed" so they cannot access data stored by other applications.

In addition, system files, resources, and the kernel are shielded from the user's application space.

Source: iPhone in Business - Security Overview

SpyPhone demoes it is not exactly true. It shows the kind of data a rogue application can collect in a non jailbroken iPhone.

These data do certainly interest marketers, spammers, thieves, competitors and law enforcement officials.