On December 2nd, 2009, I talked in Geneva on iPhone Privacy. I called the following Apple claim into question:
Applications on the device are "sandboxed" so they cannot access data stored by other applications.
In addition, system files, resources, and the kernel are shielded from the user's application space.
SpyPhone demoes it is not exactly true. It shows the kind of data a rogue application can collect in a non jailbroken iPhone.
These data do certainly interest marketers, spammers, thieves, competitors and law enforcement officials.
See http://seriot.ch/blog.php?article=20091203 for more informations.