Consider this hypothetical situation:
Bob and Eve's apps are installed on the same iPhone. Bob's app is running and binds to localhost:8080 to listen for AJAX calls from its own UIWebView. Eve's app runs in the background and tries to interfere with Bob's app by making AJAX calls to localhost:8080.
Two questions:
- Assuming Eve's app knows Bob's AJAX API, will her calls be successful? (i.e. does iOS sandbox traffic on localhost?)
- Is it possible for Eve's app to sniff the traffic Bob's app is generating?
- If Bob's app is running, yes, Eve's app can connect to it.
There are 2 possible ways to have this happen. Either Bob's app is in the foreground and Eve's app connects to it in the background, given that Eve's app is running in the background. Or Bob's app is running in the background and Eve's app connects to it in the foreground.
By default, iOS suspends apps in the background. If the app makes use of background execution and continues to run in the background, it can access the network as usual.
You may want to read "Beyond The Basics" in Apple's technical notes on Networking and Multitasking.
- Sniffing traffic requires root access; it cannot be done unless Eve's app is a jailbroken app.
In the section "BSD (including Mac OS X)" of the article Wireshark CapturePrivileges, it states that on BSD systems we need to have permission to access BPF devices to capture packets (read: sniff network traffic). Only root (or any superuser) can access the BPF devices, or grant permission to any other user to access them.
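
Taken together, the two points above mean a loopback listener has to authenticate its callers itself, and that a secret passed over loopback is not readable by an unprivileged neighbouring app. The following is an added example, not code from the question or the answer, written in Python as a desktop model of the situation rather than iOS code: the server creates a per-launch token that only its own web view would be given and refuses requests that lack it. The `X-Local-Token` header, the `/api` path and the function names are assumptions made for illustration.

```python
import hmac
import http.client
import secrets
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

# Per-launch secret, generated in-process and handed only to the app's own web view.
TOKEN = secrets.token_urlsafe(32)

class ApiHandler(BaseHTTPRequestHandler):
    def do_GET(self):
        supplied = self.headers.get("X-Local-Token", "")  # hypothetical header name
        # A loopback source address says nothing about which app connected,
        # so the decision rests on the token alone (constant-time comparison).
        ok = hmac.compare_digest(supplied.encode(), TOKEN.encode())
        body = b"ok" if ok else b"forbidden"
        self.send_response(200 if ok else 403)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):
        pass  # keep the demo output quiet

def start_server():
    # Port 0 lets the OS pick a free port; the question's app uses 8080.
    server = HTTPServer(("127.0.0.1", 0), ApiHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server

def call_api(port, token=None):
    # Any local process can open this connection; only a token holder gets 200.
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    headers = {"X-Local-Token": token} if token is not None else {}
    conn.request("GET", "/api", headers=headers)
    status = conn.getresponse().status
    conn.close()
    return status

if __name__ == "__main__":
    srv = start_server()
    port = srv.server_address[1]
    print("own web view:", call_api(port, TOKEN))  # caller holding the token
    print("other app:   ", call_api(port))         # connects, but is refused
    srv.shutdown()
    srv.server_close()
```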