
iPhone Hack Reveals Password in Six Minutes [Video]

Protecting the contents of your iPhone with a passcode alone is not enough. German researchers were able to reveal an iPhone’s passcode in six minutes.

…the researchers first jailbreak the phone using existing software tools. They then install an SSH server on the iPhone that allows software to be run on the phone. The third step is to copy a keychain access script to the phone. The script uses system functions already in the phone to access the keychain entries and, as a final step, outputs the account details it discovers to the attacker.

The attack works because the cryptographic key on current iOS devices is based on material available within the device and is independent of the passcode, the researchers said. This means attackers with access to the phone can create the key from the phone in their possession without having to hack the encrypted and secret passcode.
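A simplified model of the design weakness described above, added here as an example (it is not code from the article, the researchers, or Apple): a key derived only from device-held material can be recomputed by whoever holds the device, while a key that also mixes in the passcode cannot. The function names, the constructed device secret, and the toy HMAC keystream standing in for a real cipher are all assumptions.

```python
import hashlib
import hmac
import os

# Constructed stand-in for the per-device secret; not a real device value.
DEVICE_SECRET = bytes.fromhex("00112233445566778899aabbccddeeff")

def device_only_key(device_secret):
    """Weak model: the key is derived only from material held in the device."""
    return hashlib.sha256(b"keychain-key" + device_secret).digest()

def passcode_entangled_key(device_secret, passcode):
    """Hardened model: the key also needs the passcode, which is not stored."""
    return hashlib.pbkdf2_hmac("sha256", passcode.encode(), device_secret, 100_000)

def _keystream(key, nonce, length):
    # Toy HMAC-SHA256 counter keystream standing in for a real cipher (assumption).
    blocks = (hmac.new(key, b"ks" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(length // 32 + 1))
    return b"".join(blocks)[:length]

def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    return nonce, ct, tag

def unseal(key, item):
    """Return the plaintext, or None when the key does not match the item."""
    nonce, ct, tag = item
    expected = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))

def demo():
    secret = b"constructed-wifi-password"
    weak_item = seal(device_only_key(DEVICE_SECRET), secret)
    strong_item = seal(passcode_entangled_key(DEVICE_SECRET, "constructed-passcode"), secret)
    # Someone holding the device can recompute device_only_key without the passcode.
    holder_key = device_only_key(DEVICE_SECRET)
    return unseal(holder_key, weak_item), unseal(holder_key, strong_item)

if __name__ == "__main__":
    print(demo())
```

With the passcode mixed into the derivation, the protection of the stored item is then bounded by the strength of the passcode itself.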

Here’s a video of the attack:

No device is immune to an attack, but obviously it’s up to users to set up a passcode/password in the first place, and to always know where their iPhone is. Even Find My iPhone can be easily disabled if someone pops out your SIM card or turns on Airplane mode. At the end of the day, all companies need to work on security, especially Apple (remember this passcode flaw?).

What do you think of this video? Are you…scared?

[PC World]

Founder and Editor-in-Chief of iPhoneinCanada.ca.

  • Flaxx

    Apple needs to combine Mobile Me’s “Find my iPhone” with their activation server, because whenever a new firmware is attempted to be loaded (unless cached), phone is activated, Apple store is accessed, or push notification is sent, Apple knows the device’s UUID. So if Apple tied this to the “find my iPhone” feature, you could permanently have the phone send its GPS (until it’s taken out of “stolen” status) and there wouldn’t be any way around it save changing the UUID which isn’t possible.

    The thief would basically be left with a glorified iPod classic that he cannot restore or he’d be stuck with a restore screen (and a phone that keeps sending its GPS coordinates every time an attempt is made to activate it).

  • AZ

    As far as I can tell, if you are jailbroken and have changed the default root/mobile passwords, you are safe.

  • Anonymous

    Exactly this works if you have not changed the default “alpine” so that SSH connections will not work

    So if you did then you are immune to this hack :)

  • Sevael

    This article is misleading. Visiting the original source article clears up the confusion.

    The German researchers were able to reveal the *passwords* stored on a locked iPhone, not the passcode itself. Bypassing a passcode in itself is easy if you’re in possession of the phone (backup via iTunes, restore from backup, no more passcode) but that also clears all stored passwords.

    The researchers are looking for other passwords stored on the phone, not the passcode itself. This article is worded in a misleading way.

  • gordunramsie

    The article is misleading, especially for picky DONKEYS like yourself.

    It’s very clear. Passcode=password. Originally, numbers were only allowed for passcodes but now we can use words too.

    Obviously if someone WATCHED THE YOUTUBE CLIP it wouldn’t be misleading. You’re being picky.

    WAKE UP.

  • Anonymous

    ya remember not only to change the default root but also the mobile password. su [enter] passwd mobile [enter]

  • Sevael

    Rude *and* wrong.

    I did watch the clip, and nowhere did it reveal the person’s passcode. The passcode is what you use to unlock the phone. Passwords are stored on the phone for things like website logins, wi-fi logins, apps, etc. That is what they revealed in the video (and the original article, which you probably didn’t read). At no point was the passcode to the phone revealed, nor was it needed. That’s the entire point of the original PC World article, that the original passcode is not needed to retrieve all passwords on the phone. The PC World article got it right, but this IIC article has it wrong.

    Maybe you should actually look into things instead of jumping to conclusions and making yourself look like yet another internet loser? :)