There is a growing amount of so-called “spy software” available that promises to log everything the user of an infected phone does while attempting to remain undetectable. Compromised devices are easily traceable via GPS, record all incoming and outgoing text messages and phone calls and can even be used to spy on captured photos and browser history.
Installing such software on Android or BlackBerry devices is morally reprehensible but not quite as damaging as doing so on an iPhone. This is due to the walled garden approach that Apple takes, something the majority of iPhone users take at face value.
Installing iPhone spy software requires you breach this fortress-like security – and that’s just the start of the problems.
A Legitimate Use?
Spy software, by its very nature, is designed to snoop on people. It is for this reason that anyone reading this who is contemplating installing such software probably doesn’t care what I have to say about any aspect of doing so. Clearly if you’re thinking of doing this, morals are not your strongpoint and you’ve probably already ethically justified it in your head. I’d urge you to reconsider this standpoint, but it’s probably a battle I’m going to lose.
Much of this software is marketed in a very broad way. Not only is it advertised to snoopers who want to track the location of an individual or spy on someone’s smartphone usage but it’s also marketed as a legitimate security tool. This is complete rubbish, and will form the backbone of this article. If I can’t change the minds of those who deem such a practice necessary in the first place then I can try to redress the balance for those drawn in by dishonest marketers.
Parents – do not use this software to trace your children. There are free and safe ways of doing this which I will come to at the end of the article. Some marketers even try to target employers and so I must say employers – do not use this software to spy on your workforce. If you’re an employer who feels they need to be concerned about smartphone security then you shouldn’t be allowing non-company devices in the workplace. Period.
Warranty, We Hardly Knew Ye
There is no spy software on the market that will be able to do all it promises – i.e. spy on any activity, trace any location or upload any camera images – without voiding the device’s warranty. Parents installing such software will be voiding their children’s warranty on that device. Paranoid other-halves will be voiding their spouse’s warranties also, and this goes for employers too. Why? Jailbreaking.
Apple takes a hardline approach to security. The iPhone is not designed to run non-App Store software, this is seen as a security violation by Apple, as a restriction by some users and a safety net by others. Android does things differently – unchecking a box in settings allows the installation of non-Google Play apps, and it’s just as easily reversible.
Not so for iOS devices. These devices must go through what is known as a jailbreak, which involves loading custom firmware onto the device which provides greater freedom, allowing users to run all sorts of unsigned software on the device. Spy software is always unsigned for two reasons – it would never be able to perform its spying duties as a standard app due to iOS permissions and Apple would never allow it in the App Store in the first place. Many people don’t realise it but with some preparation a jailbreak can take a matter of minutes to complete.
When you choose to jailbreak an iPhone you are voiding your warranty by running modified firmware on the device. It will also void any AppleCare after-sales packages you have taken on. This is fine if it’s your own iPhone, and you understand the risks involved in doing so. Jailbreaking your device is generally a very safe operation, and even a jailbreak gone wrong is unlikely to “brick” your iPhone. It’s the jailbroken firmware you’re left with that poses the biggest security risk.
Jailbroken phones are able to run unsigned apps and this includes potential malware. If the root SSH password remains unchanged once the jailbreak is complete, malware could run riot on your phone and with no Apple guardians to oversee software, you have to rely on third-party developers to be the judge and jury. If you think about it, spy software is malware by design but marketed as valid software.
iPhones and other iOS devices that have been jailbroken are also often unable to run some genuine App Store apps. Developers have ways of detecting a jailbreak and can now prevent jailbroken devices from using their services. One example would be DIRECTV which delivers streaming video and another reported app is Skype for iOS. Many banking apps are also restricted for obvious reasons, two examples being CommBank and Kaching from Australia’s Commonwealth Bank. Getting these apps working again involves playing a game of cat and mouse between developers and the jailbreak community.
For the unsuspecting jailbroken victim, apps like these will flatly refuse to run as they won’t be installing the latest exploits to circumvent the restriction.
Detecting Spy Software
There’s actually no guarantee you’ll be able to find evidence of the spy software itself, as such software is designed to be hidden from view. Instead there may be a few left over telltale signs of a jailbreak, and if you find them and but have not performed a jailbreak yourself then you can pretty much guarantee someone’s designated you as a mark. If your partner or parent has jailbroken your device for you then it doesn’t mean you’re being spied upon, but it will be difficult to prove otherwise without reverting to stock firmware.
One sign of a jailbreak is the Cydia app. Even if this app has been hidden from the home screen, searching for it (swipe left-to-right on your first home screen) should still find it. First go to Settings > General > Spotlight and ensure that Applications is ticked. Then search for Cydia from your homescreen and if the application is there, your phone is jailbroken.
There is no guarantee of finding Cydia, and the careful snooper will probably try all they can to hide any signs of a jailbreak. Other apps to search for that might suggest a jailbreak include “Installer”, “Icy”, “SBSettings” and “Installous”. Similarly, installing an app like those mentioned above might reveal something is up if they refuse to run.
Removing The Software
Because jailbreaking is a game of cat and mouse played between Apple and those who choose to jailbreak, the latest and greatest iOS firmware won’t always be jailbreak compatible. Keeping your phone up to date and performing all iOS updates as and when your iPhone notifies you about them is the best way to remain secure. Eventually iOS versions will be jailbroken and at this stage removal is surprisingly easy.
According to many jailbreaking communities, reverting your phone back to stock Apple firmware does the trick. Myself I’m not so sure Apple isn’t noting down the unique identification numbers (UDIDs) of jailbroken devices via the App Store, but it would seem restoring your phone “as new” will remove all traces of a jailbreak.
For those of you convinced you’re being traced this is as simple as plugging your phone into iTunes and choosing Restore. If you choose to revert to a backup, there’s a chance some evidence of the jailbreak will be retained and if your phone needs attention from Apple (either as part of a 12-month warranty or the extended AppleCare package) then you will be denied service. For this reason, be sure to back up everything you want separately and transfer purchases within iTunes.
Parents Listen Up
There is a free alternative to spy software for parents who are concerned about the whereabouts of their children. Find My Friends works across Apple devices and uses Apple IDs to connect friends and family. By authorising a friend or family member to view your location in Find My Friends, they will be able to see where you are whenever they like. Creepy? You bet.
Find My Friends can be customised to prevent the location being displayed on the transmitting device. This is due to the fact that it is not spy software, but a tool for staying in touch. It gives the user a choice over whether to reveal their location at all times and it does none of the snooping on text messages, phone calls or camera photos. Using Find My Friends doesn’t teach your children that spying on people is the right thing to do, and instead pressures you to enforce basic smartphone safety and talk to your children about why you want to use such a service.
If you’re worried about your children’s uncanny ability to lose things then remember to enable Find My iPhone, a similar service accessible via iCloud. For as long as the phone is left in the same state it was when it was lost it will be traceable using Apple’s own plan B.
This isn’t a lesson in parenting, but a lesson in ethics and trust. It’s also a lesson in not being ripped-off by marketers trying to sell you a wolf in sheep’s clothing. Take a close look at the FAQs and you’ll see the requirement for a jailbreak quietly mentioned, behind advertising phrases like “completely undetectable”.
All software that promises to spy on an iPhone requires a jailbreak. Some do not mention it in their marketing speak, but it’s a requirement and for as long as Apple maintains its iron grip it always will be. Many of these packages are not one-off payments but subscription models that require a minimum term, which quickly adds up.
Be smart, be safe, be honest and don’t get ripped off. If you have any questions about your iPhone’s safety, spy software or alternative apps for other platforms then don’t forget to ask MakeUseOf Answers.
Have you had any experience with such iPhone spy software? Have you been on the receiving end? Have you ever installed or trialled a service? Is Find My Friends good enough? Get out the soapbox and have your say in the comments, below.
Intro image: Man in Hat Vector (Shutterstock)