iPhone Exploit Allows Access To Data Even With Passcode Protection
Bernd Marienfeldt, a London-based IT security expert, has recently published a report that reveals a serious security loophole in the iPhone.
According to him, the vulnerability can enable hackers to access data on an iPhone even if it is secured with the latest iPhone OS update and locked with a passcode. This is possible merely by connecting the iPhone to a computer running the latest Ubuntu Lucid Lynx OS.
Elaborating on the kinds of data that are accessible via this simple hack, Marienfeldt writes:
"This data protection flaw exposes music, photos, videos, podcasts, voice recordings, Google safe browsing database, game contents… by in my opinion the quickest compromising read/write access discovered so far, without leaving any track record by the attacker. It’s about to imagine how many enterprises (e.g. Fortune 100) actually do rely on the expectation that their iPhone 3GS’s whole content is protected by encryption with a passcode based authentication in place to unlock it."
Marienfeldt explains that the problem lies in the iPhone's failure to offer full disk encryption (FDE). Without FDE, the non-encrypted files can be accessed from a platform like Lucid Lynx that is not properly authenticated under the current circumstances. Consequently, while an unprotected mounting of the iPhone on computers running Macintosh, Windows 2000 SP2, Windows 7 or Ubuntu 10.04 offers access only to the iPhone's DCIM folder, users mounting the device on an Ubuntu Lucid Lynx machine are given access to a lot more content.
According to Marienfeldt, there are ways to get around both the on-device encryption available in the iPhone 3GS and the encrypted backups that can be saved via iTunes. He says:
"The only benefit hardware encryption [as implemented] is that it makes wipes faster, by just dropping the [encryption] key,"
He goes on to add that even the remote wipe feature can be easily bypassed by removing the iPhone's SIM card.
Marienfeldt has revealed that Apple is currently working on the issue, though there is no information on when a fix is likely to be provided. We wonder whether the new data protection feature in iPhone OS 4 will be able to tackle this loophole. What do you think?