How do I detect keylogger or other nasty tools on an iphone5?
So, my iphone’s battery went to the big battery storage place in the sky. I had enough power to run the phone, but the battery had got hot and swelled up necessitating a replacement.
I went to our local repair shop, and handed it to the owner, but I had not locked it since I needed to show the shadowing on the screen to her. The next thing I know is she diagnoses it, and hands it over to a technician with an order to replace the battery. 20 minutes later I have it back.
Yeah, it was stupid of me not to lock the screen, but that’s over and done with, how do I check to make sure nothing got put on it?
PS. Phone’s doing fine now.
Not so much of a issue with the iPhone, it is pretty darn locked down. What you have exposed is what the technician can access while it was in his/her hands, not what they can install on it.
That’s good to know. I had some pictures of credit cards, Social security card, and medical cards in the camera section. I suppose if that got downloaded, I’ll detect it quickly enough. I really need a passworded app for those.
There are keyloggers for the iphone, I guess I’ll have to search for them one by one.
Do you have some reason to think the technician installed something? Why would you even take it to that place for repair if you think they would install a key logger?
To give you peace of mind: keyloggers cannot be installed on non-jailbroken iPhones, as the OS does not allow apps access to keystrokes when the app is not running. Even if it’s installed and “running” in the background, any possible keylogger app does not have permission to access keyboard strokes.
Further, the technician can’t install anything without your i-whatever account password. Even if he could, iPhone app icons on your home screen can’t be hidden in a non-jailbroken phone. The best a technician could do, assuming they have your password, is bury the app in a folder and hope you don’t notice it. Which is pointless, since the app can’t access your keyboard anyway.
Long story short, you’re fine. You’re more at risk of them using your logged-on accounts to check your bank or credit card… and even that is highly unlikely.
It’s not that I don’t trust them, it’s that I’ve heard of too many stories of technicians getting into computers placed into their care and misusing them. It was a panicked burst of paranoia.
I had a weekend full of First World Problems, which even though they won’t kill me, a half dozen at once can raise my stress level so I panicked.
Thanks to everyone who posted informative and reassuring messages to talk me down.
I will say that while panicking over keylogging is really not warranted, there is one issue that is a lot more low-tech. If you DO ACTUALLY have photos of your credit / banking / loyalty cards front-and-back just sitting in your photos folder or in an open ‘keychain’ style app, it’s the work of a few seconds for someone to flip through your photo album or your opened keychain app and then snap a photo of your screen (showing your card info) with their own phone. No keylogging required to steal that info if you didn’t have it locked up.
Keep an eye on your accounts for a while, and get those photos into a more secure location on your phone pronto.
I guess it’s also worth pointing out that it’s probably second nature for techs (and anyone else who finds an unlocked phone) to check out your photos in hopes of nekkid selfies. So leaving pictures of sensitive stuff on a phone is not a great idea.
Actually, the vast majority dont care. Its just a bunch of files to us. Nobody wants to skim through 8000 pictures looking for the 2 nekkid picks you sent to your SO.
