Social media applications spy on you, and probably send home some data about you every second you use the app. But what about the applications that have another business model? Do you trust that your bus pass app, developed by your the municipality, or your smart vacuum cleaner is not sending your data back to the developers? Often, we have no idea, and until recently iOS-users had no good way of inspecting the traffic that was sent from their devices.
3 min read
By Didrik Sæther
December 13, 2020
The problem with owning an iOS-devices is that the information going between the device and a server has been difficult to inspect. Prior to me discovering Charles, I had no good ways of checking what and how often data was transmitted from an app. Previous rigs for inspecting the traffic included doing MiTM-attacks from my router, and still then it was hard to inspect HTTPS traffic. Just watch how tedious this guide from Fiddler is. Another option for inspecting the traffic was to jailbreak the device. From a security standpoint you should not jailbreak or root your device, as SANS and NorSIS states. While jailbreaking the phone exposes you to a new world of cool applications and tweaks, the security problems that follow are not worth it in my opinion. Most Norwegian banks and public services will not allow the use of their apps if they detect you are using a jailbroken device, so you will in most cases lose functionality by jailbreaking.
Charles should be a familiar name when we talk about packet analyzers and proxy tools for debugging. What you might not know is that Charles also has a client for iOS. Proxyman as well as some smaller apps like Stream and Thor HTTP Sniffer have also been allowed in on the AppStore.
How to get started spying on your applications.
Some considerations when using this.