Researcher Discovers 'Data Protection Vulnerability' in iPhone

Data Security | News | Kara Reeder, Friday, May 28, 2010
Apple, Authentication Systems, Data Security, Encryption, iPhone, Mobile Device Security, Vulnerabilities and Patches
Security and IT blogger Bernd Marienfeldt has discovered a "data protection vulnerability" in Apple's iPhone 3GS.

According to PCWorld.com, the vulnerability occurs when an up-to-date, non jail-broken, PIN-protected iPhone (powered off) is plugged into a computer running Ubuntu Lucid Lynx. This will allow a hacker to see practically all of the user's data and leaves no trace of the hack.

Says Marienfeldt:

iPhone security really only applies with having a sensible trust in Apple's business model,  being the gatekeeper for your own security needs, and when the user’s attitude takes into account that the iPhones Hard Disk encryption and Authentication model is useless toward storage protection.

Apple has been notified about the flaw, but has not corrected it.

Comments (0) Bookmark and Share

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <b> <i>

More information about formatting options