Hacking Storage in IOS
Long was the time when Mobile phones were used only for making calls or sending SMS. With Smart phone and applications running on it, definition of mobile phones has been changed in last 5 years. To provide different services, companies have started writing mobile applications. These mobile applications came with ease of use for the user. Easier the application is to use, chances of having popular is more. Today, There is a mobile application for virtually everything – for banking, for shopping, to find a restaurant, to plan your travel trip, to review your business documents or last but not least social media.
Only iOS platform have more than 750000 applications. To serve clients with minimal information or click, applications have started storing information on the device. As a result, One of the key check is to look for information in the iOS device while performing iOS application security review as the biggest threat is data stored in temporary files or default locations. In 9 out of 10 applications, we find some sensitive information stored in the local device. What happens if you leave your device to someone or you are connected to open Wifi at airport or you loose your device.
All your information is in the attacker hand which can be stored password of your bank account or a PDF statement which you downloaded from your bank account or a credit card information which you used last night to do some shopping or your home address as you came back from your friend’s home last night and you were lost. We have created a list of location where different sensitive information is usually stored. List is divided in different categories.
About The Author
Hemil Shah, CISSP, CSSLP, ACP is the founder and Director of eSphere Security, a company that provides Professional services in the Security Arena