Join the Community

22,024

Expert opinions

44,216

Total members

425

New members (last 30 days)

171

New opinions (last 30 days)

28,678

Total comments

Join Sign in

iPhone and iTunes Security

17 March 2010 1 comment

Anthony Cossey

Project Manager

Fixnetix ltd

I don't own an iPhone, the Blackberry Bold suits best the way i work on the move, however i have been looking into various aspects of the iPhone as a development platform. I am a little concerned about the security aspects of some of the practices that the iPhone employs, not from an OS perspective, but from the view on how it interops with itunes.

From what i understand the MAC/PC to which the iphone is paired via itunes retains a complete image of the iphone's firmware on its hard disk. it sounds to me that someone with appropriate skills could take that image and retrieive data from it, also perhaps replace an image with a version laced with a self made keylogger.....Thus instant security breach

In fact this feature is the way that you can 'jailbreak' or hack your iPhone with a 3rd party firmware image. I am fairly new to the iPhone and the way it operates, could someone with more experience perhaps comment on this aspect of the iPhones operation?

I feel this means that itunes should be coded with tighter security or pin protection given it provides a conduit to the heart of the iphone.

As long as you don't leave your iphone connected to itunes AND unattended for long periods, i suppose this possible security issue can't be used by potential hackers. However with all the sharing features on itunes now available, how long before itunes becomes the target of hackers? Intresting subject matter that i would like more information on, which does not seem to be readily available from Apple,

Any iphone advice or links readily accepted......

External

This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

4675

Report

Channels

/security

Comments: (2)

Brennan Carley Managing Principal at Proton Advisors

18 March 2010

Yes, the iPhone gets synched to your computer and an image of your iPhone's database is stored on your computer. So are copies of your calendar, your address book, etc..

So if your computer gets compromised, this information is available.

But if your computer gets compromised, ALL the data you store on it is available.

So the basic lesson is that you should secure your laptop/desktop machine properly.

But you already do that, right?

Report

Anthony Cossey Project Manager at Fixnetix ltd

Author 18 March 2010

Very true, i agree strongly with your commnets, in fact i go bit further with my workstation than most to protect my data, i have an encrypted data store in my home directory, so even if my linux workstation is compromised, my data is still safe. However as you know not many people go to these lengths. However of course the compromising of someones computer is not just for data theft, installation of malware/kelogging applications can get the information you do not generally have stored like your PIN or online banking credentials. Thanks for the comments on my post.

Report