Breaking Enterprise iPhone Application Security ?
There are a couple of enterprise iPhone applications out there that promises over the air and device encryption. (e.g. MS Exchange email sandbox apps).
However, there is a fundamental issue. Some of these iPhone applications are built upon the iOS frameworks like UIViewController which provides the layout of the applications.
It is possible to hook onto these classes on a jailbroken iPhone to perform screen captures of confidential emails in your so called sandbox applications. When used together with a iPhone keyboard logger (https://github.com/milo2012/iPhone-Espionage/tree/master/kbhook2) which hooks on the UIKeyboardImpl class and captures all keystrokes that you have entered, including any passwords.
In this case, if your jailbroken device is compromised, there is only so much you can do even if you are using an iPhone application that provides encryption or security.
Should you allow jailbroken iPhones in your organization?
Should your enterprise application detect if the device is a jailbroken iPhone and exit the application if a jailbroken iPhone is detected ?
Please let me know what you think.
Source code can be found at the below link