Privacy research

I work on privacy research projects for the iOS platform in my free time. Those projects are in no way affiliated with my work or my employer.

My privacy research posts and tweets had more than 10,000,000 impressions within just a few weeks. The goal is to raise awareness of what technology can do, and educate on how you, as a user, can protect yourself.

I’m taking a short break on privacy related publications, and launch more projects in 2018.

Feel free to write about any of the topics below, make sure to read the original blog post linked, and feel free to use any of the images and videos provided on krausefx.com, as long as you reference the original blog post, including my name.

If you need any additional resources, or have any follow-up questions that are not covered by the blog post, feel free to reach out to me directly, either on Twitter or via email.


steal.password

Do you want the user’s Apple ID password, to get access to their Apple account, or to try the same email/password combination on different web services? Just ask your users politely, they’ll probably just hand over their credentials, as they’re trained to do so 👌

One of these is Apple asking you for your password and the other one is a phishing popup that steals your password.

How can you protect yourself? Press the home button and open the iCloud settings manually


Read the full blog post



watch.user

Every iOS app you ever gave permission to use your camera can record you any time it runs - without notice

Once you grant an app access to your camera, it can

All without indicating that your phone is recording you and your surrounding, no LEDs, no light or any other kind of indication.

Read the full blog post


detect.location

Once the user grants access to the image library (e.g. to upload a single photo as a profile picture), an iOS app can

Read the full blog post


take.screenshots

Sandboxed Mac apps can record your entire screen at any time, without you knowing.

Running the screen through simple OCR software, this allows the attacker to access personal information, like emails, messages, API keys and more

What’s the worst that could happen?

Read the full blog post


trusting-sdks

Third-party SDKs can often easily be modified while you download them! Using a simple person-in-the-middle attack, anyone in the same network can insert malicious code into the SDK, and with that into your application, as a result running in your user’s pockets. A person-in-the-middle attack in this context works by interfering network traffic and insert malicious code into the SDK.

31% of the most popular closed-source iOS SDKs are vulnerable to this attack, as well as a total of 623 CocoaPods. As part of this research I notified the affected parties, and submitted patches to CocoaPods to warn developers and SDK providers.

Read the full blog post


follow.user

Custom in-app browsers in iOS apps have full access to the web content, including any JavaScript variables, the full HTML DOM and more. This allows apps to steal the user’s sessions, passwords, keys and more.

Read the full blog post


user.activity

Any website you’re visiting instantly gets access to your smartphone’s acceleration and gyro sensor values in real-time without asking the user for permission.

As a result, any website you visit, can do a pretty precise guess on if you are:

Read the full blog post