Couple of weeks back I spoke in GeekCampSG about iOS security where I demonstrated how insecure some of the iOS apps are when it comes to protecting user data. Popular apps like Whatsapp, EverNote, Instagram also fall into that categories.
During my talk I talked about 3 things:
- How data is insecure when stored unprotected in Filesystem
- How data is insecure while application communicates with a backend server
- How insecure these data can be on a jailbroken device where reverse engineering is possible in GDB prompt
You can view the slides of my GeekCamp talk below. I have already talked about part-2 “which is securing iOS apps through file protection api” in iOS Dev Scout # Sept meetup. I will post the slide of the same here as well.