New iPhone Hack Can Steal Passwords from Locked Device
Researchers at the Fraunhofer Institute for Secure Information Technology in Germany have shown that an iPhone or iPad can be hacked to reveal passwords stored in Apple's keychain password manager. This can be accomplished even if the device is locked with a passcode. The attack requires no special circumstances, just an iPhone, jailbreaking software, and the code developed by the researchers.
After jailbreaking the iPhone, the security gurus at the Fraunhofer Institute installed an SSH server on the phone. Then, while the device is still locked, a keychain access script is fed into the phone. The device then happily spits out passwords for Gmail accounts, Wi-Fi networks, Exchange accounts, voicemail, and some apps. This is possible because Apple encrypts many passwords using keys held in the device, and those keys are not connected with the overall device lock.
If a corporate iOS device goes missing, it could be a treasure trove of data. The researchers offer some prudent advice, saying, "Owners of a lost or stolen iOS device should therefore instantly initiate a change of all stored passwords." Do you think the risk is real, or have the researchers left something out?