Q: Safari iOS 7 keeps flashing previously closed tabs upon reopen? Security Problem

I'm able to reproduce this problem by opening Safari on my iPhone 6 Plus iOS 8.1.2, rotating it to the left so it's in landscape mode, hit the home button to close Safari, rotate to the right back to normal portrait mode, then reopen Safari. An old cached image of a web site viewed several months ago appears for a brief few seconds.

I have tried all the methods of rotating, closing Safari, double-clicking, closing Safari in the multi-tasking app, etc. but none seem to overwrite this image.

I confirm that this is a serious security issue.

I added it to the IOS8 wiki page.

https://en.m.wikipedia.org/wiki/IOS_8#Problems

Lets hope an overzealous fanboy with his head stuck in the sand doesn't remove the addition.

I can't check every day to see if it's still there as I have a life.

I can't see the post on there so assume it's already been removed

To make matters worse, I have discovered if you open safari in portrait mode, rotate to the left to landscape mode, press the home button to close safari, rotate your iPhone right back to portrait mode, double click the home button to show the task manager, you can see the offending safari image for as long as you wish!!

You could even take a screenshot capture of it to save for future keeping by pressing the home and power button at the same time.

Yep, a fanboy removed it.

I added it right back.

Here is the text, if they remove it again from IOS8 wiki (under "problems" section) feel free to add it right back. The reference is formatted to display neatly as incremental wiki footer.

"As of January 22nd 2015 the only serious remaining security backdoor in IOS is the cached screenshot/snapshots issue used in multi tasking. When opening apps or switching between them, the O/S will flash a saved screenshot of that app screen for 2 seconds while loading the app in the background, to give the illusion of immediate user response. Due to the screenshots being saved for all 3 (iPhone) or 4 (iPad) orientations users can at times momentarily see screenshots that may be months old when using apps. The problem mainly manifests itself when using an app, switching out, changing orientation and switching back to the app. Clearing out the cache or viewing history does not prevent the problem from occuring, neither does resetting all settings. The temporary screenshots show whatever was on the screen when the snapshot was saved, inc. any potential security or privacy risks. https://discussions.apple.com/thread/5413121?start=135&tstart=0"

Jamie is the God!!! (his solution is at the bottom of page 5)  Thanks, you may have saved my marriage and/or the scorn of my children.   I swear I'll never accidentally look at ***** again...

(Follow up:  Apple actually blanked out my use of the colloquial word that begins with P ends with O and has an orn in the middle!  Censorship anyone...)

And Ms Meg St Clair: obviously you're a huge Apple fan, and with good reason as they have some awesome products, but you shouldn't deride legitimate questions and concerns.  Apple is great, but not perfect, and they should fix glaring security problems just like any vendor who sells products to the public.

The solution there is a temporary fix for the iPad; however, it does not work on the iPhone, at least not for me  (since the home screen cannot rotate).

iOS 8.1.3 came out earlier this da. Sadly I have to announc that i does not contain any fixes regard this issue.

My wife and I no longer use the iPad for surfing the web, since we view too much inappropriate material and it has flashed up numerous times when we first turn the iPad on. Our young children play games on the iPad all the time - I can only assume they've seen stuff too. This is a lawsuit waiting to happen.

REdiculous this has not been addressed. Fix this Apple!!!

Thanks Gold333. I re-posted that paragraph (with some updates/revisions) to the wiki/iOS8/Problems section. I included the youtube video as a reference to the Private mode aspect. Let's keep this up if we can. The text I posted is in quotes at the bottom in case a re-post is necessary.

I just tested it and this security flaw still exists on iOS 8.1.3 on my iPad Air 2. I submitted feedback via a bug report as an 800 character excerpt of the wiki post to (hopefully) keep it on their radar.

As a side note, what about just not switching away from an app when something sensitive is displayed? It will not fix the problem, but with some conscious effort it can at the very least prevent saving screenshots of sensitive information until it is fixed.

Wiki/iOS8/Problems Text:

"As of February 10, 2015, the iOS 8.1.3 release still contains a serious security flaw in cached screenshots created during multitasking. This security flaw has been known publicly to occur since October 5, 2013 and has persisted since iOS 7.0.2<ref>{{cite web|url=https://discussions.apple.com/thread/5413121?start=135&tstart=0}}</ref>. The iOS saves screenshots of all applications upon switching away from them so that when an application is opened it displays the saved screenshot for 2 seconds while the application loads in the background. This iOS feature is to give the illusion of immediate application response. However, due to the screenshots being saved for all screen orientations (3 for the iPhone and 4 for the iPad), users at times momentarily see screenshots that may be months old when loading applications, even browsing history that was performed under Safari's Private mode<ref>{{cite web|url=https://www.youtube.com/watch?v=qPLXJPHfcgE}}</ref>. The problem manifests itself when using an application, switching out, changing orientation, and then switching back to the application. When the application loads, it temporarily displays the screenshot that was saved last time the application was in that particular orientation and switched away from, which is not necessarily what was saved last time the application was used. The temporary screenshots are a security issue because they can show any personal, business, or private data, which presents a significant security risk. This security flaw is not permanently mitigated by clearing out application cache or resetting all settings, as recommended by Apple. Resetting the device only clears screenshots saved prior to the reset, but new screenshots are saved every time an application is switched away from. This security flaw is not application or hardware specific, it is a known and persistent iOS flaw."

I have had exactly this problem for several months now . And I have tried all possible solutions: cleared the cache, rotated the screen, etc., but nothing works. The old screendump keeps coming back when I open safari. I can see that MANY users have similar questions, but no one knows apparently what to do - and Apple is completely silent about this problem. It is SO annoying ...

SOLUTION!!

I have been having then same issue on my iPhone 6+. Here is the solution that worked for me.

1- go to settings-general-date and time

2- set the date (must turn off automatic setting) two or three days into the future

3- go to settings-safari-delete all safari website data

4- return date to normal

This should fix. To test the problem, rotate into landscape mode, open safari, close safari, rotate to portrait, open safari. If it worked, you will not see the old snapshots.

Good Luck

This is a problem with the way both 3rd party and Apple developers are implementing the snapshot behavior. Apple should be held liable for this cheap method to make it appear as if the application is launching quicker by displaying a snapshot of the app's previous state. Relying on the developer to implement a feature that can put the end-user at such a security risk is a very bad decison on Apple's part and dangerous. Security firms should be alerted of this issue and it should be made more public than it currently is.

In the App Programming Guide for iOS, Apple says:

Remove sensitive information from views before moving to the background.

When an app transitions to the background, the system takes a snapshot of the app’s main window, which it then presents briefly when transitioning your app back to the foreground. Before returning from your applicationDidEnterBackground: method, you should hide or obscure passwords and other sensitive personal information that might be captured as part of the snapshot.

Ive had this problem with YouTube. It's not as big of a deal w/ YouTube as it is w/ safari. I can see how this can be very annoying.