Apple

It's true.
The iPhone does need a revamp in security to remain safe.
Jailbreakers can take extra steps toward security than OTB users though. I'm thankful for that.

soooo..what do we do ? lol idk you always hear things like this aand suddenly the hype dies so im not to worried

You spelled Beware wrong in the Photo for the article. :-) Bewware...not sure if that was on purpose as a play on Rogue apps?

Originally Posted by Plotkin35

You spelled Beware wrong in the Photo for the article. :-) Bewware...not sure if that was on purpose as a play on Rogue apps?

wow

Totally meant to do that NOT. Thanks for catching my sticky double W keyboard

I'd be interested to know how a hacker would go about doing this since Apple supposedly doesn't allow multitasking. So it's obviously not recording keystrokes/touches... I wonder if he/she's some how able to modify the 'Allow app to use current location' function to get more than just the GPS data to grab said sensitive data. Very creative, unfortunately how is any one able to know if they've even downloaded a corrupt app.

Things like this just go to prove that no system is completely safe. Apple has touted how it has the safest OS ever. The fact of the matter is it has been the safest because frankly nobody cared. MANY people worldwide can be effected by attacking the iPhone OS, so hackers are much more interested. For every hole that is patched up another is found, as should be crystal clear with jailbreaking and unlocking...

Isn't this the whole justification for the Apple closed shop approval process? I thought Apple was vetting all apps so the world would be safe? If bad stuff is getting thru then Apple's justification for it war against jail breaking losses some of it's creditability.

Does this refer to the apps that talk to the network all of the time? Those are the apps that kill the battery life and is so annoying. Case in Point: New York Tines app. I'll have the phone locked, and i hear constant GSM interference which tells me that the app is still talking to the net. I even turned Fetch/Push off and it still did it. I noticed when I deleted the app, the battery life increased and the GSM interference was gone...I know there are more apps like that. Would that be a security threat secretly talking to the devs??

I don't buy it.

He says he created iPhone spyware. I could say that I created iPhone spyware too. Where is it? How many phones is it on? Where's the proof that it ever existed and that even a single person ever had it on their phone, and furthermore, that it actually worked and retrieved data for him? And then we would need proof that it was on the App Store, successfully approved by Apple regardless of the malicious code within.

Sounds like Chicken Little to me.

Besides, how many people actually have useful info on their phones that these questionable app makers would be after? I bet virtually none. If anyone wanted to take all the time required to sift through my emails or listen to all my conversations or view my browsing habits, be my guest. They won't find anything useful. I'm sure this is the case with 99% of iPhone users. Anybody willing to use things like credit card numbers over celluar data waves is already taking risks and knows what they're getting themselves into (I hope). The worst 'rogue app' coders could do is get passwords to websites, like this one. OMG, somebody's going to come on here and post in my name! The world is over, oh noes! Pfft.

Originally Posted by Sevael

I don't buy it.

He says he created iPhone spyware. I could say that I created iPhone spyware too. Where is it? How many phones is it on? Where's the proof that it ever existed and that even a single person ever had it on their phone, and furthermore, that it actually worked and retrieved data for him? And then we would need proof that it was on the App Store, successfully approved by Apple regardless of the malicious code within.

Sounds like Chicken Little to me.

Besides, how many people actually have useful info on their phones that these questionable app makers would be after? I bet virtually none. If anyone wanted to take all the time required to sift through my emails or listen to all my conversations or view my browsing habits, be my guest. They won't find anything useful. I'm sure this is the case with 99% of iPhone users. Anybody willing to use things like credit card numbers over celluar data waves is already taking risks and knows what they're getting themselves into (I hope). The worst 'rogue app' coders could do is get passwords to websites, like this one. OMG, somebody's going to come on here and post in my name! The world is over, oh noes! Pfft.

I think more to the point is that this can be done through the official SDK and even if it gets ONE credit card number, or password to a corporate site, things can go from bad (the fact that these things were used over unsecure channels) to worse where they're being exploited.

This could even be in something like the Foxtel app which was always claimed to take your phone number and surfing habits. It has the potential of passing the AppStore scrutiny and getting onto Joe Blogs phone who got the phone because he was cool and wasn't smart or "geeky" enough to know how to be security conscious.

Not everyone's like you where they have very little to hide and the fact is, there are places and/or people out there that would want to pay for this kind of semi private info that could potentially be personally identifiable. I don't care if it's my IBM work contacts or my girlfriends number, location and date of birth, they shouldn't be able to get that PERIOD.

lol wen u download corrupted data it wont work and it will tell u its corrupted, as for a virus/spyware theres not much to do to find out if u have dl'ed it

Originally Posted by Sevael

I don't buy it.

He says he created iPhone spyware. I could say that I created iPhone spyware too. Where is it? How many phones is it on? Where's the proof that it ever existed and that even a single person ever had it on their phone, and furthermore, that it actually worked and retrieved data for him? And then we would need proof that it was on the App Store, successfully approved by Apple regardless of the malicious code within.

Sounds like Chicken Little to me.

Besides, how many people actually have useful info on their phones that these questionable app makers would be after? I bet virtually none. If anyone wanted to take all the time required to sift through my emails or listen to all my conversations or view my browsing habits, be my guest. They won't find anything useful. I'm sure this is the case with 99% of iPhone users. Anybody willing to use things like credit card numbers over celluar data waves is already taking risks and knows what they're getting themselves into (I hope). The worst 'rogue app' coders could do is get passwords to websites, like this one. OMG, somebody's going to come on here and post in my name! The world is over, oh noes! Pfft.

First of all, his iPhone spyware app is probably a proof of concept you dumb ****.

Second of all, people could have a lot of sensitive info on their iPhone. Depending what they do with it, they could have credit card information, bank account information, people's phone numbers, addresses, etc. Most people's iTunes account is linked to a credit card account... Ever heard of identity theft?

Hmmm now I want to know what that official white house app actually does!

Originally Posted by Sevael

I don't buy it.

He says he created iPhone spyware. I could say that I created iPhone spyware too. Where is it? How many phones is it on? Where's the proof that it ever existed and that even a single person ever had it on their phone, and furthermore, that it actually worked and retrieved data for him? And then we would need proof that it was on the App Store, successfully approved by Apple regardless of the malicious code within.

Sounds like Chicken Little to me.

Besides, how many people actually have useful info on their phones that these questionable app makers would be after? I bet virtually none. If anyone wanted to take all the time required to sift through my emails or listen to all my conversations or view my browsing habits, be my guest. They won't find anything useful. I'm sure this is the case with 99% of iPhone users. Anybody willing to use things like credit card numbers over celluar data waves is already taking risks and knows what they're getting themselves into (I hope). The worst 'rogue app' coders could do is get passwords to websites, like this one. OMG, somebody's going to come on here and post in my name! The world is over, oh noes! Pfft.

Wow you're really informed. Just because you have no life doesn't mean you can assume everyone else is like you. People have pictures, passwords, e-mails (which contain private info) which leads to identity theft. You're probably not old enough to realize how much that can cost you for the rest of one's life. There's apps that people use on the phones such as mSecure which stores passwords, credit card info, driver license #'s, etc. You might not find it useful but other people do. So stop making generalizations like if you were some kind of life scientist who knows every statistic about humanity.

This guy sounds like a douche b@g. Seriously, why in the he11 would someone create an application just to grab personal info? Stupid spyware creators...

Oh wow. I guess now we actually have to be on the lookout for downloading suspicious apps. But then, I really doubt it. How much of us here actually uses the App Store these days?

Originally Posted by Nehal3m

Oh wow. I guess now we actually have to be on the lookout for downloading suspicious apps. But then, I really doubt it. How much of us here actually uses the App Store these days?

I'd be more worried about downloading spyware apps off Cydia than AppStore

Originally Posted by bengo

I'd be more worried about downloading spyware apps off Cydia than AppStore

Honestly, I think the only way apps on Cydia are spyware if the developer meant it to be or you just downloaded it from a strange repo.

But then, I don't download a lot of things off of Cydia anyways.

Originally Posted by Sevael

Besides, how many people actually have useful info on their phones that these questionable app makers would be after? I bet virtually none.

First off, your phone number. Your family's contact information, your ip address, your gps location.