Home
Build a PC

Build a PC Featured Content

Build It: Three Radeon HD 7970s—One Monster PC

Build a PC on Any Budget: Three Builds from $500 to $2000

Intel's Ivy Bridge: The Maximum PC Review

Kepler Unveiled: Nvidia's GTX 680 Benchmarked In-Depth!

Is Your SATA Cable Slowing Down Your Data Transfers? Max PC Investigates

All Build a PC Articles
Windows
Windows RSS
Windows Featured Content

Windows 8 on Arm – Everything You Need To Know About WOA

Looking Forward: Our Predictions for Windows 9

8 Things We Hate About Windows 8

8 Things We Love About Windows 8

The Big Guide: 20 Tips and Tricks to Get The Most Out of Windows 8

All Windows Articles
Best of the Best
Hardware
- Hardware Home
- CPU
- Memory
- Video Cards
- Cases
- Cooling
- Displays
- Motherboards
- Reviews
Hardware RSS
Hardware Featured Content

Build It: Upgrading an X58 Rig into a Gaming Powerhouse

Build a PC on Any Budget: Three Builds from $500 to $2000

PC Pr0n: 25 New, Kick-Ass Case Mods

Intel's Ivy Bridge: The Maximum PC Review

Gaming Showdown: Playstation Vita vs iPhone 4S

All Hardware Articles
Software
Software RSS
Software Featured Content

Windows 8 on Arm – Everything You Need To Know About WOA

8 Things We Hate About Windows 8

How To Try Windows 8 Out Today With a Dual Boot Installation or Virtualization

Seven Ways to Stop Piracy WITHOUT DRM

In Search of the Suite Spot: 3 Media Creation Packages Face Off

All Software Articles
Gaming
- Gaming Home
- Reviews
- Hardware
- Software
- Gaming PCs
- Bioshock
Gaming RSS
Gaming Featured Content

The Game Boy: Game Endings Aren't Bad – They're Just Misunderstood

Never Be Productive Again: The 20 Best New Browser Games

Gaming Showdown: Playstation Vita vs iPhone 4S

Eurocom Neptune 3D Review

Maximum PC's 2011 Gaming Awards

All Gaming Articles

New iPhone Hack Can Steal Passwords from Locked Device

Posted 02/10/2011 at 3:54pm | by Ryan Whitwam

3

Comments

Print

iphone Researchers at the Fraunhofer Institute Secure Information Technology in Germany have shown that an iPhone or iPad can be hacked to reveal passwords stored in Apple's keychain password manager. This can be accomplished even if the device is locked with a passcode. The attack requires no special circumstances, just an iPhone, jailbreaking software, and the code developed by the researchers.

After jailbreaking the iPhone, the security gurus at the Fraunhofer Institute installed an SSH server on the phone. Then, while the device is still locked, a keychain access script is fed into the phone. The device then happily spits out to Gmail accounts, Wi-Fi networks, Exchange accounts, voicemail, and some app passwords. This is possible because Apple encrypts many passwords using keys in the device, and this is not connected with the overall device lock.

If a corporate iOS device goes missing, it could be a treasure trove of data. The researchers offer some prudent advice saying, "Owner's of a lost or stolen iOS device should therefore instantly initiate a change of all stored passwords." Do you think the risk is real, or have the researchers left something out?

Tags:

3

Comments

Comments are closed on this article

bminor13

February 10, 2011 at 10:37pm

This is likely only possible because the two default logon/password combos for every iPhone/iPod are widely known - namely root/alpine and mobile/alpine. A knowledgeable person can therefore jailbreak your phone and SSH into it and have unrestricted access to the filesystem, as stated above.

If users, however, jailbroke their device and changed the password using the 'passwd' terminal command, then the would-be attacker wouldn't have as easy of a time stealing data.

TheQuietShadow

February 10, 2011 at 7:45pm

Ha! Now tell me how the iPhone is better than Android... You can't!

bminor13

February 10, 2011 at 10:38pm

...thats really besides the point.

Connect with MaximumPC

Featured Content

The Game Boy: Game Endings Aren't Bad – They're Just Misunderstood

No BS Podcast #185: No Star Wars

The gang discusses the GTX 690, Trinity, Ivy Bridge, Amazon, big-box stores, MMOs,...

10 of the Biggest Tech Stories We All Got Wrong

Nvidia GTX 690 Benchmarked

Nvidia's dual-GPU Kepler Card: we've run the numbers!

Build a PC on Any Budget: Three Builds from $500 to $2000

This month's issue

Feature

Build a PC On Any Budget

Feature

Cloud Services Showdown

How-To

Encrypt Your External Drive

Build It

Upgrade an X58 Rig

Most Commented Articles

111Comments

Woman Ordered to Decrypt Laptop Claims She "...

96Comments

How To Try Windows 8 Out Today With a Dual Boot...

91Comments

Kepler Unveiled: Nvidia's GTX 680 Benchmarked In-...

84Comments

Know The Difference: Phasers vs Blasters And 8 Other...

82Comments

YouTube Video Shows How "Real People" React...

Latest Max PC Tweets

maximumpc: Sources Say New Windows 7 PC Buyers Will Be Able To Upgrade To Windows 8 Pro For $15 http://t.co/0DZRgfCJ58 min 12 sec ago
maximumpc: Lenovo Reveals ThinkPad X1 Carbon Ultrabook, Claims World's Lightest 14-Incher http://t.co/WWaS6u3023 hours 1 min ago
maximumpc: RT @nvidia: Another announcement coming! Putting the GPU in the cloud #gtc121 day 2 hours ago

MaximumPC on Facebook

Recommendations

New iPhone Hack Can Steal Passwords from Locked Device

New iPhone Hack Can Steal Passwords from Locked Device

Here's What You Get:

More like this

Comments

bminor13

TheQuietShadow

bminor13

Log in to MaximumPC directly or log in using Facebook

Connect with MaximumPC

Featured Content

This month's issue

Feature

Feature

How-To

Build It

Buy Subscription

Most Commented Articles

Latest Max PC Tweets

MaximumPC on Facebook