iPhone Takes Screenshots of Everything You Do
The_AV8R writes "Jonathan Zdziarski showed that every time you press the Home button on your iPhone, a screen capture is taken in order to produce a visual effect. This image is then cached and later deleted. Zdziarski says that there have been cases of law enforcement looking up sex offenders' old data and checking recovered screenshots." This revelation occurred in the midst of a webcast on iPhone forensics, demonstrating how to bypass the iPhone's password security (not trivial, but doable). Video from the talk is not online yet but is promised soon over at O'Reilly.
What happens when your parental unit discovers this (assuming said parental unit understands what this "iphone" thing is) will do with this information? Have you been drinking my beer? No Sir! Really, let me see your phone. Um, *smash* there now you happy! You never loved me!! *dramatic music effects from dying iphone*
Restore the madness of youth's lechery
Therefore, forensics experts have used this security flaw to successfully nab criminals who have been accused of rape, murder or drug deals, Zdziarski said.
iPhone: the tool of choice for rapists, murderers, and drug dealers!
Joking aside, the article is puzzling and it reeks of FUD: if the iCrooks were bad enough to get the authorities to actively track and seize their data then they deserve to be caught for being too stoopid to buy disposable phones in cash from 7-11. Even Johnny dormroom pot-dealer knows that!
Item 1:
Smart crooks use dumb (disposable) phones.
Dumb crooks use smart phones.
Faster! Faster! Faster would be better!
Big Brother....err big Apple is watching...
-Ours is the wisdom of Solomon, the magic of Merlyn, the fall of Icarus.
What type of incriminating things are sex offenders doing with their iPhones?
If it's dead, you killed it.
Sorry to diverge from the screenshot topic but does anyone know if Mr. Zdziarski will be demonstrating how to hack the just released 2.1 firmware? Or is it a previous version that (may have) been patched? This seems much more significant than being able to see (via a screenshot) what the last user action was.
As for the screenshot, hmm... well at least it doesn't seem to be a deliberate attempt by Apple to get more info on the user. Also, it seems pretty difficult to get these screenshots (since they are automatically deleted according to the article you have to find and undelete them). Doesn't sound like a trivial or reliable way to snoop on people. Still I guess a security flaw is a flaw so be aware!
It's pragmatic to not press the home button when doing home invasions or killing people, I guess.
The dangers of knowledge trigger emotional distress in human beings.
Give the concerned users an option of turning off the "shrinking screenshot" animation that occurs when the Home button is pressed (which is why the screenshot is cached in the first place).
So it takes a screenshot for some effect? Is there even a way to do this without taking a screenshot? A way that is easy enough to be performed on a smartphone?
And what did you expect from Apple? That every bit of data that was discarded is overwritten ten times? Jeez, I enjoy bashing big companies as much as the other guy but now they're looking too far. Remember, it also saves your web history, every picture you took, every file you opened everything you did somewhere...
As long as there are slaughterhouses, there will be battlefields.
Why bother with such a useless thing? It's never saved to Flash; it's created in RAM. Law enforcement must be damn good if they can recover such an image from RAM, so damn good they must be making shit up.
It turns out that your browser will store all the information needed to recreate the web pages you visit! Not just a screenshot! This critical flaw appears to have been present for years in all known browsers! The end is near!
Seriously? Come on. I know ./ likes to post anything related to the iPhone, especially if it involves "spying", but this is pretty uninteresting. Security is traded for speed and features on a daily basis, including places where doing so presents a major risk (*cough*Outlook). This is really not too surprising since it trades at most a little privacy in exchange for a neat effect; what would you expect Apple's iCandy to do?
Tag this article as fud, because that's what it is. Any excuse to bash apple and/or iphone.. Really, if we're going to get upset about this, let's get upset about browser caching, cookies, history.. etc etc
Think of the children!
Tibbon
tibbon.com
This is the dumbest load of crap I have ever heard. Who posted this, someone from RIM?
God knows everything, now the god phone does too?
Every time you call tech support, a little kitten dies.
Attention Girliemen: Buy a proper phone next time.
The iPhone takes a screenshot, but they never said in the FA whether it's actually written to flash or not!
Given the limited write cycles of Flash, I would hope that Apple just keeps it in RAM.
Test your net with Netalyzr
I _am_ Jonathan Zdziarski and even I don't understand why this is news.
This was a side note I mentioned the other day, and has been something I've been grousing about for over a year. It's unnecessary, and a bit of a privacy leak that can be exploited by forensic examiners, but hardly news for the reasons already stated in the comments.
That's what got the cops looking at the pervs' iPhones to begin with
Imagine using an iPhone for phone sex? I see it now:
iPhone: it watches you masturbate.
Ginga no Rekshiya Mata Each page.
I had a glitch occur that put one of these screen shots in my photos collection. I was wondering what kind of glitch would have generated a screenshot. Now that is partially explained.
Black tape.
I have no problem with Apple doing this to make a cool effect. I wonder if it will be the same in iPhone 2.1
How is this different than your Firefox cache (which is worse, privacy wise IMO) or *gasp* any other graphical GUI effect? Slow news day? And BTW, any IT forensic who has access to the machine can do whatever the fsck he/she wants. Are we gonna encrypt the graphical effect's screenshots now? WTF people, wake up!
... There is a new Metallica album day, you guys should talk about that. Geeks love Metal too ya know!
Let Apple be for a minute
This is a stolen sig.
The iPhone has a really invasive program that actually keeps track of all your appointments, dates, meetings; pretty much everything you do every day of your life. I can't believe Apple is getting away with this surveillance!!
It doesn't matter if it's RAM or flash. When you get arrested/detained, you probably don't get the chance to turn off your personal electronics.
The other day the local news did a piece on the cell phone forensics guy at a local police dept. They use commercial software to extract a copy of everything they can find and store it as possible evidence. The software is smart enough to recover deleted files in some instances, as well as the usual contacts/call records/etc.
Obviously if this screenshot was considered interesting for forensics, it would be pretty trivial to write an iPhone-specific version to grab this while you're sitting in cuffs.
The only real question is whether a warrant should be required or not. According to the forensics guy on the local news, it currently isn't *required*. I think it should be.
It really is no surprise that someone with the screename "lysergic acid" takes issue with being a crook because of illegal drug possession, but how the fuck did this get modded up?
YES possessing illegal drugs makes one a crook. Deal with it, because it's reality. I really don't see how an intelligent person could openly wonder how doing the very thing that makes one a crook could cause one to be called a crook.
Now, you can argue over whether you should be a crook, but that's not what was done here.
Second, save the vacuous "alcohol" argument. I'll wager anything you want that in a random survey, the majority of respondents will indeed say alcohol is a drug, so I don't know who you think is deluding themselves besides you.
Next, why are you even bringing up alcohol? If you want to decriminalize drugs, then make the case. Aim for what you want, and save the attempts at drawing equivalence. Saying "a drug that is easily and readily available does more damage than drugs that are much more rare and difficult to obtain" isn't much of a point outside of a smoke filled dorm room.
To quote LongNoi "QZTR was right and won't leave me alone because I called him a moron when I was wrong" FYS
"Would you please have an iSeat..."
Turns out iPhone is really iKnowWhatYouDidPhone!
I am a privacy nut. (Please notice I post anonymous coward.) I have friends who have Apple products. I cannot understand why they haven't put tape over the cameras. Or why they don't come with lens caps.
The only distinction between a "screenshot" and "buffering an image" is that in the case of a "screenshot" a file is produced on disk. In this case it's probably a .png file. Since the iPhone has plenty of resources to cache the image in RAM, it does seem weird that the image needs to be written to disk. The code that transitions to the Main Menu could be architected in many ways:
1. The code is in the Main Menu itself. It takes a screenshot as soon as it starts up, draws its own display in an offscreen buffer, and does a simple transition between the two images using the high-level animation methods.
2. A separate process takes the snapshot for the benefit of the Main Menu process, which then draws its own display in an offscreen buffer and does a simple transition between the two images using the high-level animation methods.
3. The Main Menu takes screen snapshots both before it exits and just as it starts up, and simply uses these two static images to accomplish the animation effect. This would be the simplest implementation.
4. The application launcher handles all the transitions, intercepting the first draw of the application interface within the application runtime, or as part of AppKit's implementation of mainNibDidLoad. The Main Menu process is the parent of all application processes. Animation between apps might be handled by an independent process or thread.
Perhaps some iPhone developer can shed light on which of these is most likely. The existence of a screenshot file only implies that data needs to be shared between processes, and that simple high-level APIs are being used.
Applying my Slashdot headline filter, my sense of the original article - which I haven't read - is that, if you're looking to secure and encrypt everything on your phone (for safety!) this is one more thing you should remember to securely delete.
In terms of taking the customer's desires seriously, the main questions all this raises with me are: How soon can we get fully encrypted iPhones? And: can we get them without an NSA back-door? Or better yet: can we get an open source encryption plugin framework, and roll our own?
The companies who provide phones and data networks are only just beginning to get a working system together. They're just happy it works at all most of the time. Encrypting everything is going to require a lot more computational power throughout, which no one wants to sacrifice because it hurts performance. In order to get everything encrypted, companies would need to fight all the special interests that see advantage in removing the private citizen's expectation of privacy. They don't have any compelling interest in taking on that fight.
I would argue that there's a constitutional basis for demanding that universal encryption be a goal of all communication devices, and that it be considered in every new protocol. It should be as difficult as possible to install electronic eavesdropping, whether for your neighbor or for the FBI. That would be an exemplary bit of American justice, gaining us all more liberty, privacy, and security.
-- thinkyhead software and media
That was my bad I was too drunk to realize that...
To quote LongNoi "QZTR was right and won't leave me alone because I called him a moron when I was wrong" FYS
I can't watch the video, however are the screenshots just left in RAM? Or are there actual files saved somewhere?
"Videotaping this crime spree was the best idea we ever had!"
Home key? Don't they mean homo key?
I wrote a little app to fill the cache with screenshots of the IRS web pages. Anyone tries to investigate me, they'll have to carefully examine Publication 936, the instructions for Schedule F1, the guidelines for reporting "nanny" wages, and the like. Even if they aren't literally bored to death, they definitely won't want to look any further.
No. Not more trivial than walking down to the store.
In fact, it would take a particularly ignorant, intentionally disingenuous person to argue that getting pot is anywhere near as easy as getting booze.
Next, the reason people think pot is a gateway drug is the same reason people think running around in the cold causes the flu (I SAID FLU THERE PEDANTS, SO FUCK OFF). They're ignorant and are repeating bullshit they've had drilled into them.
It of course never occurs to you people that it may in fact have nothing to do with the drug and simply be a consequence of well ingrained patterns of behavior that lead to drug taking.
No way!
Last, I don't need to "know where to look" for booze, as they have whole stores devoted to it. I could even ask someone I don't know while I'm passing them on the street.
In short, everything you said is wrong.
To quote LongNoi "QZTR was right and won't leave me alone because I called him a moron when I was wrong" FYS
I for one would prefer to not have a camera on my Macbook and to have the iSight as a separate product. The only time I've used the actual camera I've actually picked the whole laptop up and waved it at the object I needed to take a picture of.
Do many people really use the cameras in their Macbooks and iMacs? It seems like a supremely useless (and narcissistic) design to have a camera that you can only use part of the time and only to take a picture of yourself.
iPhone protector/cover thingy ... with a lens cap!
---- "Logoff! That cookie shit makes me nervous!" - A. Soprano
OSX also does that little shrinking animation when you minimize a window. I wonder if the same flaw is in OSX?
Young kids tend to love the built in camera, especially using it with the Photobooth application. The Grandparents love video-chat with the grandkids. Everybody in-between in age thinks it's a waste of money.
I've used the built-in camera in my Macbook exactly once so far.
That's what they deserve for buying a smartphone that is so locked up that you can't even switch it off, change the battery, install a program or insert a memory card in it.
I agree this is not big news and comparable to browser caches etc., but even on a Windows phone you can wipe temp files.
I did look in a dictionary, and it said
"a person who engages in criminal activity for personal gain"
and since "getting high" is inarguably "personal gain", it appears I didn't make an ass of myself.
I bet you wish now that you could say the same.
Next I don't care why you brought up alcohol, it's a dead end argument and you should dump it. You don't sound intelligent when you make it, you sound like every other 12 year old when they realize laws are sometimes hypocritical and contradictory.
The rest of your post isn't worth addressing, but I have to say you look pretty silly making a claim that is refuted by the very post you're replying to.
To quote LongNoi "QZTR was right and won't leave me alone because I called him a moron when I was wrong" FYS
I have an iphone.
I think it's cool that it does this.
What police would not get is the things I say to my phone as they are looking at my pictures.
Yankees Box Score on the screen but they don't hear me saying, "Stop sucking you losers!"
Pr0n on the screen.
"Stop sucking that loser and come over and suck me!"
Slashdot on the screen.
"Why does everyone say idle sucks? Those people are losers."
Hate to break it to you, but if you check the post I made to OP, you'll see a definition that clearly applies to illegal drug users.
Now, do you really want to argue definitions when every definition of "crook" would have to be inapplicable to illegal drug users for you to be right, while I only need one (which I've already found) to be right?
Don't argue definitions (especially of slang and vernacular) it just makes you just sound like a tool (and yes, I'm including myself in that right now).
To quote LongNoi "QZTR was right and won't leave me alone because I called him a moron when I was wrong" FYS
So my iPhone takes a 'screen' shot of EVERYTHING I do? This is disturbing to say the least. Let's say, for example, I am sitting on the crapper. Does my iPhone take the shot at the beginning, or at the end? That would be good to know. Also, what if I left my iPhone in the other room, you know, for privacy. Will my iPhone take a screen shot of me not being in the room, but in another room, you know, doing something? Wow! Everything I do? It's mind-boggoling (sp?)
The phone swaps an image to the disk so it can later be used in compositing. It's nothing new you know. Virtual memory's been around for aeons, and looking through an unencrypted swapfile to find incriminating information isn't exactly new either.
Those using pirated Tinysoft signatures(TM) are a real threat to society and should all be thrown in jail.
I'm getting a Blackberry.
"Politicians and diapers must be changed often, and for the same reason."
Yeah, but I am Spartacus!
[100% ISO 646 Compliant]
SVM, ERGO MONSTRO.
Joking aside, the article is puzzling and it reeks of FUD: if the iCrooks were bad enough to get the authorities
The police nabbing crooks is good. But the concern is about what happens if the crooks steal an iPhone. Are the passwords still secure? So far, people have been assuming that if they use a third-party password manager that's reasonably well written, their passwords are secure. Now, it turns out that if you look up a password and then close the application with the Home button, your password is being captured and stored unencrypted in a screenshot.
This fool doesn't even present any evidence that this 'screenshot' is -ever- even written to storage. Sure, it has to be in RAM to be shown zooming away, but the same thing applies to showing anything on the screen at all. Just because it saves processing power to capture an image instead of zooming the live app like OS X does, doesn't imply that the image ever leaves volatile RAM.
- written from my iphone.
How can you NOT think of the CHILDREN!?! This is definitive. The children can only be safe by banning iPhones.
It's a terrible price we all must pay...but when you next see a child not being raped or murdered, you'll know you did your part to make that happen, and it will all be worth it.
Now that I think about it, I'm pretty sure everything I just said is completely wrong.
FUD would be an improvement where that guy is concerned.
What the OS needs to do is pass free blocks to a scavenger routine that zeros and/or randomizes their contents before returning them to the system. If you're worried about overhead just do it whenever the system is idle.
But phones, notebooks, AND desktops could benefit from this simple security technique. It may not be perfect, but it would go a long way towards blocking many of the most common security hacks and attacks that depend -- essentially -- on digging through the garbage...
Any sect, cult, or religion will legislate its creed into law if it acquires the political power to do so.
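The scavenger idea from the comment above, sketched as an added example (not from the thread or from any iPhone code): a fixed-size block pool in C where freed blocks wait on a dirty list until an idle-time routine zeros them, and allocation never returns an unscrubbed block. The names `pool_t`, `pool_idle_scavenge` and the block sizes are assumptions made for the illustration.

```c
#include <stddef.h>
#include <string.h>
#define BLOCK_SIZE 64   /* constructed sizes for the demo */
#define NUM_BLOCKS 4
typedef struct block {
    struct block *next;
    unsigned char data[BLOCK_SIZE];
} block_t;

typedef struct {
    block_t blocks[NUM_BLOCKS];
    block_t *clean;  /* scrubbed, safe to hand out */
    block_t *dirty;  /* freed, still holding the previous owner's bytes */
} pool_t;

/* Zero through a volatile pointer so the compiler cannot drop the stores. */
static void scrub(block_t *b) {
    volatile unsigned char *p = b->data;
    for (size_t i = 0; i < BLOCK_SIZE; i++) p[i] = 0;
}

/* Freeing stays cheap: the block is only queued for the scavenger. */
void pool_free(pool_t *pool, void *data) {
    block_t *b = (block_t *)((unsigned char *)data - offsetof(block_t, data));
    b->next = pool->dirty;
    pool->dirty = b;
}

/* Run when the system is idle: scrub at most `budget` dirty blocks. */
int pool_idle_scavenge(pool_t *pool, int budget) {
    int done = 0;
    while (pool->dirty && done < budget) {
        block_t *b = pool->dirty;
        pool->dirty = b->next;
        scrub(b);
        b->next = pool->clean;
        pool->clean = b;
        done++;
    }
    return done;
}

/* At start-up every block is treated as dirty and scrubbed once. */
void pool_init(pool_t *pool) {
    pool->clean = pool->dirty = NULL;
    for (int i = 0; i < NUM_BLOCKS; i++) pool_free(pool, pool->blocks[i].data);
    pool_idle_scavenge(pool, NUM_BLOCKS);
}

/* Never hand out stale bytes: with no clean block left, scrub one now. */
void *pool_alloc(pool_t *pool) {
    if (!pool->clean && pool_idle_scavenge(pool, 1) == 0) return NULL;
    block_t *b = pool->clean;
    pool->clean = b->next;
    return b->data;
}

int main(void) {
    pool_t pool;
    pool_init(&pool);
    unsigned char *a = pool_alloc(&pool);
    memcpy(a, "constructed secret", 18);
    pool_free(&pool, a);                    /* bytes still readable here */
    pool_idle_scavenge(&pool, NUM_BLOCKS);
    return a[0];                            /* 0 once the scavenger has run */
}
```

The pool models RAM. On flash storage, wear leveling can leave stale copies that overwriting the logical block does not reach, so the same idea there needs erase support from the storage layer.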
Whatever you do, do not press the home and sleep/wake button at the same time while the camera app is open, and you are murdering someone!!! I learned the hard way! :(
Credit is due to Wired's Gadget Lab for this report.
What? I can't assume Occam's Razor was a slick fold-up scooter?
You don't see it because it proves you wrong.
Of course, I explained it thoroughly, so when you say "I don't see it" what you mean is "fuck I'm wrong, I'll pretend the obvious and irrefutable proof I'm wrong isn't there"
But it is.
To quote LongNoi "QZTR was right and won't leave me alone because I called him a moron when I was wrong" FYS
Not so sadly I didn't bother to read anything past your ridiculous attempt to fabricate a definition for the word crook.
Argue with the dictionary dude, it will care more about your verbose spewing far more than I do.
To quote LongNoi "QZTR was right and won't leave me alone because I called him a moron when I was wrong" FYS
There aren't any strawmen and your points are all wrong.
If you had actually read the discussion you decided to trample all over, you'd see that the discussion was about whether the definition of "crook" applies to people who use illegal drugs.
This was clear from the beginning and even more clear by the time you posted.
Additionally, the statement was not "possessing drugs" it was specifically
"it may be ILLEGAL to own certain drugs, but that doesn't make drug users CROOKS"
I'd read past the first sentence in the future, that way you won't look stupid like you did this time.
To quote LongNoi "QZTR was right and won't leave me alone because I called him a moron when I was wrong" FYS