I looked at the Linkedin, Flickr, and Facebook iPhone apps to see how secure they were.
When you log-in your password is safe and protected with SSL:
1 0.000000 192.168.0.102 8.17.171.32 TCP 49891 > https [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=2 TSV=840468191 TSER=0
Frame 1 (78 bytes on wire, 78 bytes captured)
Ethernet II, Src: AppleCom_94:9e:c2 (00:16:cb:94:9e:c2), Dst: D-Link_4a:41:9c (00:0f:3d:4a:41:9c)
Internet Protocol, Src: 192.168.0.102 (192.168.0.102), Dst: 8.17.171.32 (8.17.171.32)
Transmission Control Protocol, Src Port: 49891 (49891), Dst Port: https (443), Seq: 0, Len: 0
However, let’s say that you view your list of contacts on the LinkedIn iPhone app:
You’re basically giving away your contacts to the hacker at the cafe who is taking advantage of the fact that you’re using WiFi.
Here’s the scoop on the iPhone Apps.
Your data is not secure with these apps:
Flickr: Password Secure, Data not
Facebook: Password Secure, Data not
Linkedin: Password Secure, Data not
All your data is secure with these apps:
Gmail: Password Secure, Data Secure
Hushmail: Password Secure, Data Secure
Hushmail even has an option to turn off security, but why would you? 🙂
2 replies on “How Secure Are iPhone Apps?”
How would someone get access to these data on somebody else iPhone through Wi-fi… ?
You can use tcpdump or wireshark.