iPhone hacking expert, Zdziarski, had revealed during a forensic seminar about cracking iPhone’s passcode that iPhone takes screen shots every time you push your iPhone’s home button.
As per Zdziarski, the iPhone takes the screen shot for the 3D "zoom" effect that is observed when you close/suspend or launch/resume an iPhone app. This has raised privacy concerns as the screen shots are stored, at least temporarily on the iPhone.
You don’t need to be worried as Zdziarski has also figured out a way to disable the storing of the screen shots on the iPhone so that they cannot be recovered.
Jonathan Zdziarski better known as “NerveGas” in the iPhone hacking community has published the iPhone Open Application Development book to develop unofficial native iPhone applications using the iPhone open source tool chain and is also the author of iPhone Forensics. He had recently ported the iPhone Open Source Tool chain to iPhone firmware 2.0.
Jonathan was the first to develop a native iPhone application that takes full advantage of the major iPhone APIs with NES.app for iPhone firmware 1.x , a portable Nintendo Entertainment System emulator which he has successfully ported to iPhone firmware 2.0.
He had recently discovered a remote URL which suggested that Apple has included a kill-switch mechanism in iPhone firmware 2.0 to deactivate malicious iPhone apps already installed on the iPhone during his forensic examination of iPhone 3G. Steve Jobs had later in an interview with Wall Street Journal confirmed the existence of the kill-switch.
He has also figured out a way to disable the storing of the screen shots on the iPhone so that they cannot be recovered. He writes:
"I did some further digging and found that the screenshots themselves actually get written to /var/mobile/Library/Caches/Snapshots. If you delete this folder and symlink it to /dev/null, the screenshots don’t get written to disk. The side effect to this is that when resuming an application, you’ll get the default screen in the zoom-in effect. Once the application resumes, however, you’ll have your application screen back. For example, your mail application will always zoom to the front as if you had an empty inbox, but will quickly correct itself once the application resumes. On a jailbroken iPhone, you can disable these screenshots with the following commands:
# rm -rf /var/mobile/Library/Caches/Snapshots
# ln -s /dev/null /var/mobile/Library/Caches/Snapshots
To return to the default behavior, just delete the symlink and the directory will get recreated. Mind you, this has no effect on the many other pieces of data stored on the iPhone, and therefore your iPhone will always be at risk for leaking private data, especially to seasoned forensic examiners."
Interesting stuff, but how many of you are really worried about this and plan to disable it?
[via Zdziarski’s blog]
Top iPhone Hacks Categories:
Hacks
iPhone Applications
Unlock iPhone
JailBreak iPhone
iPhone Tips & Tricks
iPhone Games
iPhone News
What next?