iPhone Hardware Data Encryption is #fail
By on May 27th, 2010

Apple has more than once, boasted about the hardware data encryption used on its flagship iPhone. The hardware encryption uses a 256-bit AES and is an in your face feature as it cannot be disabled by users even if they want to.

An iPhone can be connected to a PC just like any other device though the connection requires the standard methods of authentication by a passcode and an initial pairing. Further, connecting a locked iPhone to a computer is also not possible.

However, all this falls under common and conventional realms. Bernd Marienfeldt, a security officer at UK internet node LINX, has discovered something interesting treading beyond these boundaries.He saw that if he connected his iPhone to his Ubuntu based system and rebooted it, he could gain a full read/write access to all internal files and folders since Ubuntu auto-mounts the file system. This process does not even require the iPhone to be paired to that computer.

Although Apple has been informed of the matter, it is not sure if they will release a fix to this.  Apple has started investigating into the matter and is under the assumption that this is caused by a race condition between the iPhone turning on and it’s file system being identified on USB.

It is funny to see how Apple has always shunned Linux and now, the simplest of the Linux makes its state of the art defense mechanisms look completely stupid.

(Source)

Tags: , ,
Author: Chinmoy Kanjilal Google Profile for Chinmoy Kanjilal
Chinmoy Kanjilal is a FOSS enthusiast and evangelist. He is passionate about Android. Security exploits turn him on and he loves to tinker with computer networks. He rants occasionally at Techarraz.com. You can connect with him on Twitter @ckandroid.

Chinmoy Kanjilal has written and can be contacted at chinmoy@techie-buzz.com.
  • Indian Art

    Ubuntu is the best!

 
Copyright 2006-2012 Techie Buzz. All Rights Reserved. Our content may not be reproduced on other websites. Content Delivery by MaxCDN