In association with heise online

24 July 2009, 20:20

Hacker says iPhone's encryption is a placebo

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

iPhone encryption notice
Zoom iPhone encryption notice
In an interview with Wired, Jonathan Zdziarski describes how easy it is to crack the hardware encryption that was introduced with the recent launch of the iPhone 3GS. All that's needed, he says, is to install a custom kernel on the phone using a free and widely available jail-breaking tool. Once the custom kernel is installed, porting the iPhone's raw disk image to another computer using a Secure Shell (ssh) client results in the iPhone automatically decoding the encrypted data stored on it, during the copying process. There's actually no need to guess the private keys or use a brute force attack to determine them.

Zdziarski says the whole process should take no more than 45 minutes. According to iPhone Insecurity, it is also possible to quickly bypass the advertised MobileMe function for remotely wiping data. All you have to do is take out the SIM card.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit