Keeping Your iPhone From Spying on You

As widely reported, the iPhone takes a screenshot every time the home button is pressed so that the 3D “zoom” effect can be processed when the application zooms in and out, when suspending and resuming applications. These shots are stored, at least temporarily, on the device, presenting potential privacy issues.

Jonathan Zdziarski, author of the book iPhone Open Application Development and an iPhone Forensics manual, has deviced a way to disable this writing to disk, so that screenshots cannot be recovered.

He writes: “(I) found that the screenshots themselves actually get written to /var/mobile/Library/Caches/Snapshots. If you delete this folder and symlink it to /dev/null, the screenshots don’t get written to disk. The side effect to this is that when resuming an application, you’ll get the default screen in the zoom-in effect. Once the application resumes, however, you’ll have your application screen back. For example, your mail application will always zoom to the front as if you had an empty inbox, but will quickly correct itself once the application resumes. On a jailbroken iPhone, you can disable these screenshots with the following commands:

“To return to the default behavior, just delete the symlink and the directory will get recreated. Mind you, this has no effect on the many other pieces of data stored on the iPhone, and therefore your iPhone will always be at risk for leaking private data, especially to seasoned forensic examiners. Use at your own risk.”

Feedback? http://www.iphoneatlas.com/contact.