Researchers demo ability to steal passwords by jailbreaking Apple's iPhoneResearchers from Germany have demonstrated a way to quickly retrieve passwords from the stored keychain of a locked iPhone or iPad by obtaining the device and jailbreaking it.
The Fraunhofer Institute Secure Information Technology team have demonstrated their exploit online, proclaiming that an "attacker can retrieve passwords in 6 minutes." The hack requires the person to have access to the physical phone, and relies on "jailbreaking" the device, a term used to refer to hacking Apple's iOS mobile operating system to allow users to run unauthorized code.
In a video detailing the exploit, Fraunhofer shows a password-locked iPhone tethered to a computer via USB and then jailbroken. The attacker then accesses the filesystem of the handset and copies a keychain access script to the device.
From there, the script can be executed, and passwords stored on the iPhone can be extracted. All of this can reportedly be accomplished without even unlocking the password-protected phone, with all of the data transferred via USB to a connected PC.
The research firm claims that the "flawed security design affects all iPhone and iPad devices containing the latest firmware."
Apple has discouraged jailbreaking of iOS devices, including the iPhone, iPad and iPod touch, noting that the practice can result in significant security risks. In 2009, a worm targeting jailbroken iPhones affecting some users who did not change tehir default SSH password, which allows file transfers between phones.
Jailbreaking can be used to steal software from the App Store, while it can also be employed to run unauthorized third-party applications or operating system customization and modifications not allowed by Apple. A significant community dedicated to jailbreaking has emerged since the iPhone was first released in 2007, and it has gone back and forth with Apple as the Cupertino, Calif., company works to patch exploits and jailbreakers look to discover them.
Last November, Apple enhanced the security of iOS devices by making the Find My iPhone service free. Previously, the functionality was only available to users who subscribed to Apple's $99-per-year MobileMe service.
Using Find My iPhone, a user can remotely track a missing iPhone, iPad or iPod touch, provided the device has a data connection available. The owner of the device can also remotely disable or wipe all data from the missing hardware.
On Topic: iPhone
- Orlando Magic are first NBA team to support Apple Pay for in-arena purchases
- T-Mobile announces new 'Data Stash' rollover mobile data plans starting with 10GB for free
- Samsung in talks with LoopPay to launch Apple Pay competitor in 2015
- Canadian government details antitrust charges against Apple
- Apple poised to overtake Nokia in mobile phone sales after 26% iPhone surge in Q3