backtop


Print 29 comment(s) - last by erple2.. on Feb 15 at 1:29 PM


Lose your iPhone? If the person who took it happens to know a little programming, you've probably now lost all your passwords, thanks, in part, to Apple's poor OS design.  (Source: technabob)

"I prefer to be called a hacker!"
The state of iPhone (in)security is yet again apparent

Apple's iPhone has been the brunt of much ridicule from security professionals/hackers.  It was shown to be far easier to hack than its Android and RIM competitors.  

Now, researchers Jens Heider [profile] and Matthias Boll at Germany's Fraunhofer Institute Secure Information Technology (Fraunhofer SIT) have shown how the iPhone will literally give away its password via a process that takes less than six minutes and requires no password cracking.

To snatch the password, you first need to perform a fast jailbreak.  Then you need to install an SSH server (not usually allowed by Apple).  From there the only remaining step is to run a short keychain access script that uses Apple's own system functions to output all of the user's screen-names and passwords.

Among the items lost may include passwords to Google Mail as an MS Exchange account, other MS Exchange accounts, LDAP accounts, voicemail, VPN passwords, Wi-Fi passwords, and some app passwords

The researchers write:

As soon as attackers are in the possession of an iPhone or iPad and have removed the device's SIM card, they can get a hold of e-mail passwords and access codes to corporate VPNs and WLANs as well. Control of an e-mail account allows the attacker to acquire even more additional passwords: For many web services such as social networks the attacker only has to request a password reset.

...

Owner's of a lost or stolen iOS device should therefore instantly initiate a change of all stored passwords. Additionally, this should be also done for accounts not stored on the device but which might have equal or similar passwords, as an attacker might try out revealed passwords against the full list of known accounts.

Fraunhofer has opted for full-disclosure, publishing a paper [PDF] explaining how to execute the attack.  It has also posted a tutorial video on how it did the attack.

Again this attack requires about four things -- possession of your target's iPhone, moderate coding/computer expertise, the ability to download existing exploit tools (the jailbreak utility and SSH server app), and about 6 minutes of free time.

Now, Fraunhofer might have a tad bit of self-interest in publishing these details in all its glory.  It sells a Java app to securely store passwords, which offers competition to the built in functionality of the iPhone.

We could not reach Apple for comment on this story as of press time.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Rofl Falafels
By ElderTech on 2/10/2011 1:31:47 PM , Rating: 4
The impact this issue will probably have on the general consumer is likely rather insignificant. The probability of a single lost or stolen iPhone falling into the hands of a thief with 1] the requisite computer hacking skills, and 2] the knowledge of the process and the required tools (i.e. Apple server access) to perform the hack, has to be very low.

In addition, from reading the original Fraunhofer PDF, the ability to access specific applications within the keychain is limited for the general public, with many, including most general emails like AOL, Gmail and Yahoo, as well as many "apps", still being protected. It really all depends on the extent to which you utilize the mail server for access to applications like MS Exchange, and therefore the impact on business use is much more an issue.

If there were an option to simply turn off the automatic saving of access information, particularly passwords, and require manual entry of them each time it was necessary to access the application, all this would be moot. But convenience is KING, and with today's technology, what the public wants is what the public gets, whether they really want it or not, as they are usually ignorant of the potential risks and downsides to each new innovation.

In any event, the public vetting of this information will hopefully foster an Apple initiative to properly protect such personal information in the next iOS release, presumably iOS 4.3.x.


RE: Rofl Falafels
By JakLee on 2/10/2011 1:45:14 PM , Rating: 2
quote:
<snip>If there were an option to simply turn off the automatic saving of access information, particularly passwords, and require manual entry of them each time it was necessary to access the application, all this would be moot.</snip>


I would have +1'd you for the correct usage of MOOT (instead of the oft used incorrect MUTE) save I had already used all my +'s - so instead you get a nice comment!


RE: Rofl Falafels
By transamdude95 on 2/10/2011 3:29:20 PM , Rating: 2
quote:
I would have +1'd you for the correct usage of MOOT (instead of the oft used incorrect MUTE) save I had already used all my +'s - so instead you get a nice comment!


...which in turn removed all of your likely tasteful and appropriate +'s. I, too, like seeing the correct spelling of 'moot', almost as much as I like seeing the correct usage of 'to' and 'too'.


RE: Rofl Falafels
By erple2 on 2/15/2011 1:29:03 PM , Rating: 2
Hrm. In that case, both words work, albeit loosely in the mute sense.


RE: Rofl Falafels
By Samus on 2/10/2011 2:45:55 PM , Rating: 1
ElderTech,

You have us all wrong. If I found an iPhone, I'd feel personally responsible to jailbreak it and collect all of the douchbags passwords and continue to completely fuck with them. Why? Because the asshole bought an iPhone.


"We basically took a look at this situation and said, this is bullshit." -- Newegg Chief Legal Officer Lee Cheng's take on patent troll Soverain














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki