GitHub - rainbird/SpyPhone: This project shows the kind of data a rogue iPhone application can collect.

On December 2nd, 2009, I talked in Geneva on iPhone Privacy. I called the following Apple claim into question:

Applications on the device are "sandboxed" so they cannot access data stored by other applications.

In addition, system files, resources, and the kernel are shielded from the user's application space.

Source: iPhone in Business - Security Overview

SpyPhone demoes it is not exactly true. It shows the kind of data a rogue application can collect in a non jailbroken iPhone.

These data do certainly interest marketers, spammers, thieves, competitors and law enforcement officials.

Name		Name	Last commit message	Last commit date
Latest commit History 32 Commits
Classes		Classes
EXIF		EXIF
FMDB		FMDB
JSON		JSON
OUILookupTool		OUILookupTool
Settings.bundle		Settings.bundle
SpyPhone.xcodeproj		SpyPhone.xcodeproj
AddressBook.png		AddressBook.png
Default.png		Default.png
Email.png		Email.png
Icon.png		Icon.png
Keyboard.png		Keyboard.png
Location.png		Location.png
MainWindow.xib		MainWindow.xib
Phone.png		Phone.png
Photos.png		Photos.png
README.markdown		README.markdown
SPCell.xib		SPCell.xib
SPEmailReportVC.xib		SPEmailReportVC.xib
SPImageMapVC.xib		SPImageMapVC.xib
SPImageVC.xib		SPImageVC.xib
SPSourceTVC.xib		SPSourceTVC.xib
SPWebViewVC.xib		SPWebViewVC.xib
Safari.png		Safari.png
Sources.xib		Sources.xib
SpyPhone-Info.plist		SpyPhone-Info.plist
SpyPhone_Prefix.pch		SpyPhone_Prefix.pch
Wifi.png		Wifi.png
YouTube.png		YouTube.png
data.png		data.png
email_mask.png		email_mask.png
gpl-2.0.txt		gpl-2.0.txt
main.m		main.m
report.png		report.png
white_hat.png		white_hat.png
white_hat_mask.png		white_hat_mask.png

Provide feedback