So when you hit that home button, or, I imagine, change pages in Safari, it takes a quick snapshot of it so it can do a nice transition, flip it, zoom it, whatever. Then it deletes it. Yeah… the thing is, though, it doesn’t really delete it. It quick-deletes it without overwriting. And if someone has physical access to your phone and a few minutes to hack the firmware, they can get every screenshot that survives.
It’s a serious problem in its possibilities for abuse, but unlikely to affect many. After all, if someone steals your iPhone, they’re probably more interested in pawning it than looking through all the boring stuff you do with it. But since the vulnerability has been demonstrated, it would be nice if Apple could fix it. It would be as easy as having the iPhone zero out the data when it has CPU to spare; doing so makes data recovery extremely difficult, and it wouldn’t take more than a couple lines of code.
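The zero-before-delete fix suggested above, sketched as an added example (this is not Apple's code; the function name `zero_and_unlink` is hypothetical and a POSIX file API is assumed). On flash storage with wear leveling, an overwrite issued through the filesystem may land on different physical blocks, so this shows the logical step only.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Overwrite a regular file with zeros, flush it, then unlink it.
 * Returns 0 on success, -1 on error (the file is left in place). */
int zero_and_unlink(const char *path)
{
    int fd = open(path, O_WRONLY | O_NOFOLLOW);   /* refuse symlinks */
    if (fd < 0)
        return -1;

    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)) {
        close(fd);
        return -1;
    }

    char zeros[4096];
    memset(zeros, 0, sizeof zeros);

    off_t left = st.st_size;                      /* bytes still to overwrite */
    while (left > 0) {
        size_t chunk = left < (off_t)sizeof zeros ? (size_t)left : sizeof zeros;
        ssize_t n = write(fd, zeros, chunk);
        if (n <= 0) { close(fd); return -1; }
        left -= n;
    }

    /* Push the zeros out of the page cache before the name disappears. */
    if (fsync(fd) != 0) { close(fd); return -1; }
    if (close(fd) != 0) return -1;
    return unlink(path);
}

int main(int argc, char **argv)
{
    if (argc != 2) { fprintf(stderr, "usage: %s <file>\n", argv[0]); return 2; }
    if (zero_and_unlink(argv[1]) != 0) { perror(argv[1]); return 1; }
    return 0;
}
```

A plain `unlink()` alone only removes the directory entry, which is the "quick-delete" behaviour described above.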
[image credit: Wired Gadget Lab]