iPhone 3GS encryption can be cracked in two minutes using freeware, says hacker

By Daniel Long on Jul 27, 2009 1:41 PM
Filed under Mobility

Using popular jailbreaking tools freely available online, an iPhone developer and hacker has demonstrated the lack of security on the Apple iPhone 3GS - and posing potential worries if you're using the iPhone for business.

According to a Wired interview with hacker, lecturer and iPhone developer Jonathan Zdziarski, the iPhone 3GS encryption is remarkably easy to crack and steal data from.

Zdziarski says it's all too simple, but you need physical access to the phone. He found that with common jailbreaking tools such as Red Sn0w and Purple Ra1n, an entire disk image of the iPhone could made.

But breaking the 3GS encryption and accessing personal data from the device would require much less time: less than 2 minutes, he claims.   

This isn't the first security compromise to embarrass Apple in the last couple of years. Last year, Macforum users found that they could get around the iPhone's locked screen mode (version 2.0.2), by selecting emergency mode and the home button, giving them full access to multiple functions on the phone.

Zdziarski notes that greater vulnerabilities arise from the way the 3GS works as a device, not just its security flaws. The 3GS caches keyboard strokes, logged in Safari, and Zdziarski believes that this could potentially allow hackers and thieves to gain access to credit card details, made from orders online.

A number of third party vendors have already created remote wiping software in the last couple of years to combat the rise in thefts of smartphones. Kaspersky currently offer an all-in-one software product that can detect, track and remotely secure a phone when it falls into thieves hands.    

Apple also offer a tracking service as part of an annual MobileMe subscription. The tool utilises GPS to the owner's iPhones. In recent times, this act of tracking down the theft, has given way to the rise of 'mobile vigilantism', where phone owners often attempt to find and confront the thieves themselves without police involvement.

 

 
Follow us on Facebook and Twitter
 

Promo

iPhone 3GS encryption can be cracked in two minutes using freeware, says hacker
 
 
 
 
 
Top Stories
Microsoft to open flagship store in Sydney, first outside USA
Just down the road from Apple store on George St.
 
Dodo launches free Skype-like voice, video service
Budget telco echoes FaceTime, Whatsapp.
 
Optus to delist from ASX
Singtel cites low share trade activity.
 
Sign up to receive CRN email bulletins
   FOLLOW US...
Polls
Do grey market imports hurt your business?

Latest Comments
CRN Magazine

Issue: 336 | March 2015

CRN Magazine looks in-depth at the emerging issues and developments for the channel, and provides insight, analysis and strategic information to help resellers better run their businesses.