A Swiss iPhone app developer, Nicolas Seriot claims that it is pretty easy to install spyware on iPhones using
built with just one of those Apple -approved APIs without the need for any kind of phishing or hacking attempts. In a discussion in Geneva, Seriot outlines the possible ways by which your confidential information on the iPhone can be compromised.
Seriot has developed a proof-of-concept iPhone app called SpyPhone that can help illustrate the dangers involved. According to him, the major areas of concern are regarding address book spying, browser history records, keyboard cache records and GPS information. The spyware can compromise a lot of confidential information by snooping into these. For instance the keyboard cache can contain user passwords in their records and access to address books can also mean the ability for spyware to edit and trasmit information.
? Seriot does not rule out the possibility. According to him, it is quite easy for spyware app developers to sneak their iPhone apps through the app approval process. This is because these apps can allay suspicions by delaying the actual deployment of the spyware script or by encrypting the payload.
According to Nicolas Seriot, though the Apple iPhone is still among the most secure platforms in the market, it is still far from being completely secure and makes a few suggestions that can help. These suggestions include prompting users to authorise read or read-write access to the iPhone address book, making keyboad caching an OS service, securing the Wi-Fi connection history and incorporating an outgoing firewall into the OS.
to convince customers who have long been accusing the company of holding the platform too tight. How will these new revelations affect Apple 's policies. We will have to wait and watch.