Friday, February 11, 2011
German Researchers Highlight Security Threats of Jailbreaking
German researchers have come froward with a public warning: If someone steals your iPhone and jailbreaks it, they may be able to retrieve your sensitive passwords. As a result, the "Fraunhofer Institute Secure Information Technology" team has released a new video showcasing the perceived "security threats" posed by jailbreaking, a situation in which an "attacker can retrieve passwords in 6 minutes."
The video demonstrates a password-locked iPhone tethered to a computer via USB. Following a snappy jailbreak, the hoodlum taps into the device's filesystem and nefariously copies a keychain access script. When executed, the script enables all the passwords stored on the iPhone to be viewed after extraction. This "flawed security design" - which affects all iPhone and iPad devices containing the latest firmware - makes all of the above possible without the need to even unlock a password-protected handset.
While the video and demonstrated process largely fail to tell our community something it doesn't already know, the discussion itself speaks to a bigger issue. The surplus of recent talk surrounding the security weaknesses of the iPhone and other jailbreaking-related dangers is leading up to the unveiling of the iPhone 5 this summer. The 5th generation iPhone is believed to be deeply vested in ramped-up security features. As a result, some in the jailbreaking community believe that Apple is about to make "doing our thing" exponentially more difficult to do.
The video demonstrates a password-locked iPhone tethered to a computer via USB. Following a snappy jailbreak, the hoodlum taps into the device's filesystem and nefariously copies a keychain access script. When executed, the script enables all the passwords stored on the iPhone to be viewed after extraction. This "flawed security design" - which affects all iPhone and iPad devices containing the latest firmware - makes all of the above possible without the need to even unlock a password-protected handset.
While the video and demonstrated process largely fail to tell our community something it doesn't already know, the discussion itself speaks to a bigger issue. The surplus of recent talk surrounding the security weaknesses of the iPhone and other jailbreaking-related dangers is leading up to the unveiling of the iPhone 5 this summer. The 5th generation iPhone is believed to be deeply vested in ramped-up security features. As a result, some in the jailbreaking community believe that Apple is about to make "doing our thing" exponentially more difficult to do.
