Researchers demo ability to steal passwords by jailbreaking Apple's iPhone
The Fraunhofer Institute Secure Information Technology team has demonstrated its exploit online, proclaiming that an "attacker can retrieve passwords in 6 minutes." The hack requires the attacker to have physical access to the phone, and relies on "jailbreaking" the device, a term used to refer to hacking Apple's iOS mobile operating system to allow users to run unauthorized code.
In a video detailing the exploit, Fraunhofer shows a password-locked iPhone tethered to a computer via USB and then jailbroken. The attacker then accesses the filesystem of the handset and copies a keychain access script to the device.
From there, the script can be executed, and passwords stored on the iPhone can be extracted. All of this can reportedly be accomplished without even unlocking the password-protected phone, with all of the data transferred via USB to a connected PC.
The research firm claims that the "flawed security design affects all iPhone and iPad devices containing the latest firmware."
Apple has discouraged jailbreaking of iOS devices, including the iPhone, iPad and iPod touch, noting that the practice can result in significant security risks. In 2009, a worm targeting jailbroken iPhones affected some users who did not change their default SSH password, which allows file transfers between phones.
Jailbreaking can be used to steal software from the App Store, while it can also be employed to run unauthorized third-party applications or operating system customization and modifications not allowed by Apple. A significant community dedicated to jailbreaking has emerged since the iPhone was first released in 2007, and it has gone back and forth with Apple as the Cupertino, Calif., company works to patch exploits and jailbreakers look to discover them.
Last November, Apple enhanced the security of iOS devices by making the Find My iPhone service free. Previously, the functionality was only available to users who subscribed to Apple's $99-per-year MobileMe service.
Using Find My iPhone, a user can remotely track a missing iPhone, iPad or iPod touch, provided the device has a data connection available. The owner of the device can also remotely disable or wipe all data from the missing hardware.
65 Comments
Researchers from Germany have demonstrated a way to quickly retrieve passwords from the stored keychain of a locked iPhone or iPad by obtaining the device and jailbreaking it. ...
Meanwhile, researchers from everywhere have demonstrated that it's possible to retrieve passwords that are intended to be retrievable in unencrypted form from any system that you have physical and root access to. ...
And did you know that by actually having my phone they would deprive me of its use?
Meanwhile, researchers from everywhere have demonstrated that it's possible to retrieve passwords that are intended to be retrievable in unencrypted form from any system that you have physical and root access to. ...
So you're saying this was designed this way? What if someone's iPhone has naked photos, or business secrets? Shouldn't they be alarmed that their password can be considered useless if the phone gets stolen?
I bet you would find this is possible with most phones, but because of the iPhone's popularity, it gets the attention from people looking to do such things. Kind of like how Windows gets all the attention from virus makers.
You give any security expert physical access to any computerized device and they can get any data out of it that they want.
Because you actually install an .ipsw file (or something like that) that is like a whole disk partition and you lose any content (programs and data) on your iPhone. That's what I learnt some time ago, but maybe that is not true anymore or I just did not get it right in the first place.
Could anybody confirm this? I'll certainly appreciate more insight on this topic.