Shortly after the iPhone was released, a group of security researchers at Independent Security Evaluators decided to investigate how hard it would be for a remote adversary to compromise the private information stored on the device. Within two weeks of part time work, we had successfully discovered a vulnerability, developed a toolchain for working with the iPhones architecture (which also includes some tools from the #iphone-dev community), and created a proof-of-concept exploit capable of delivering files from the users iPhone to a remote attacker. We have notified Apple of the vulnerability and proposed a patch. Apple is currently looking into it.