Skip to content
This project shows the kind of data a rogue iPhone application can collect.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
Classes
EXIF
FMDB
JSON
OUILookupTool
Settings.bundle
SpyPhone.xcodeproj
AddressBook.png
Default.png
Email.png
Icon.png
Keyboard.png
Location.png
MainWindow.xib
Phone.png
Photos.png
README.markdown
SPCell.xib
SPEmailReportVC.xib
SPImageMapVC.xib
SPImageVC.xib
SPSourceTVC.xib
SPWebViewVC.xib
Safari.png
Sources.xib
SpyPhone-Info.plist
SpyPhone_Prefix.pch
Wifi.png
YouTube.png
data.png
email_mask.png
gpl-2.0.txt
main.m
report.png
white_hat.png
white_hat_mask.png

README.markdown

At BlackHat DC 2010, I presented a paper called iPhone Privacy.

In this paper, I call the following Apple claim into question:

Applications on the device are "sandboxed" so they cannot access data stored by other applications.

In addition, system files, resources, and the kernel are shielded from the user's application space.

Source: iPhone in Business - Security Overview

SpyPhone demoes it is not exactly true. It shows the kind of data a rogue application can collect in a non jailbroken iPhone.

These data do certainly interest marketers, spammers, thieves, competitors and law enforcement officials.

You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.