In the upcoming NDSS 2011 conference in San Diego, one of the papers our team will be presenting is Manuel‘s work on detecting privacy leaks in iPhone applications. The sales of smartphones have exploded recently — especially because of mobile phone operating systems such as Apple’s iOS and Google’s Android. These smartphones have become powerful devices that are basically miniature versions of personal computers. As is often the case, as a technology grows in popularity, so do security concerns. These concerns have been exacerbated by the fact that it has become increasingly easy for users to install and execute third-party applications. To protect its users from malicious applications, Apple has introduced a vetting process. The idea is that this vetting process should ensure that all applications conform to Apple’s (privacy) rules before they can be offered via the App Store. Unfortunately, this vetting process is not well-documented, and there have been cases where malicious applications had to be removed from the App Store after user complaints.
In our paper, we study the privacy threats that applications, written for Apple’s iOS, pose to users. We present a novel approach and a tool, PiOS, that allow us to analyze programs for possible leaks of sensitive information from a mobile device to third parties.
PiOS uses static analysis to detect data flows in Mach-0 binaries, compiled from Objective-C code. Unfortunately, this is not a trivial task. In fact, it is quite challenging due to the way in which Objective-C method calls are implemented. We have analyzed more than 1,400 iPhone applications. Our experiments show that, with the exception of a few bad apples, most applications respect personal identifiable information stored on user’s devices. This is even true for applications that are hosted on an unofficial repository (Cydia) and that only run on jailbroken phones. However, we found that more than half of the applications surreptitiously leak the unique ID of the device they are running on. This allows third-parties to create detailed profiles of users’ application preferences and usage patterns.