Slashdot Mirror

← Back to Stories (view on slashdot.org)

iPhone Root Password Hacked in Three Days

Posted by ryuzaki0 on from the not-that-it-will-do-anybody-any-good dept.

unPlugged-2.0 writes "An Australian developer blog writes that the iPhone root password has already been cracked. The story outlines the procedure but doesn't give the actual password. According to the story: 'The information came from an an official Apple iPhone restore image. The archive contains two .dmg disk images: a password encrypted system image and an unencrypted user image. By delving into the unencrypted image inquisitive hackers were able to discover that all iPhones ship with predefined passwords to the accounts 'mobile' and 'root', the last of which being the name of the privileged administration account on UNIX based systems.' Though interesting, it doesn't seem as though the password is good for anything. The article theorizes it may be left over from development work, or could have been included to create a 'false trail' for hackers."

31 of 311 comments (clear)

  1. Whoo-hoo by gtrubetskoy · · Score: 5, Funny

    Now we can make phone calls as root!

    1. Re:Whoo-hoo by skuzzlebutt · · Score: 5, Funny

      yeah, instead of having to sudo to call my girlfriend...what a pain.

      --
      My debut novel AMITY now available: http://jeremydbrooks.c
    2. Re:Whoo-hoo by Silver+Sloth · · Score: 5, Funny

      Come on, this is /.

      You don't call your girlfriend, you download her videos from Pirate Bay.

      --
      init 11 - for when you need that edge.
    3. Re:Whoo-hoo by Control+Group · · Score: 5, Funny

      But then she'll make you a sandwich.

      [It's only been 18 seconds since I hit reply, and, in order to give everyone a chance to post, slashdot requires me to slow down, cowboy!]

      --

      Reality has a conservative bias: it conserves mass, energy, momentum...
    4. Re:Whoo-hoo by Belacgod · · Score: 5, Funny
      Two hackers are struggling for control of a zombied machine...what do you call that?

      Sudo wrestling.

      Thanks, I'll be here all night.

  2. Created for... by whisper_jeff · · Score: 5, Funny

    ...or could have been included to create a 'false trail' for hackers."

    Or it was created to generate topics on Slashdot when it's discovered...

  3. Mmmmm, honey..... by Itninja · · Score: 2, Funny

    "...or could have been included to create a 'false trail' for hackers."
    If this really is a honeypot 'password', that'd be pretty cool. They should have some code that will covertly download the entire Jim Neighbors catalog whenever the root password is accessed.
    --
    I judt got a nre Kinesis keybiartf so please excusr ant egregiou typos.
  4. phew by packetmon · · Score: 5, Funny

    Loaded 2 passwords with 2 different salts (Standard DES [64/64 BS])
    alpine (mobile)
    dottie (root)
    guesses: 2 time: 0:00:00:16 (3) c/s: 551883 trying: royour - b1o2w8
    For a second I was imagining the hoRRORble marketing money they would have had to spend if they would have cracked it and it would have read:

    windows (mobile)
    blows (root)

    or

    gates (mobile)
    sucks (root)
    --
    Infiltrated dot Net
  5. Re:Passwords by techpawn · · Score: 5, Funny

    More secure than Microsoft whose default passwords are usually blank.

    --
    Ask not what you can do for your country. Ask what your country did to you
  6. Re:Mmmmm, honey.....(Oops, should be Nabors) by andawyr · · Score: 2, Funny

    Yeah? That'd be great, since I *love* Jim Nabors...

  7. Re:Not that big a deal by Leto-II · · Score: 5, Funny

    I'd submit it!

    Is this like the geek equivalent of the frat-boy phrase, "I'd hit it!"?
    --
    Do not anger the worm.
  8. Re:Prediction... by Dahamma · · Score: 5, Funny

    Since iPhones don't have any kind of access that makes this "discovery" meaningful

    That pretty much sums up how useless this article was.

    By the way, if anyone wants it, you can have the combination to my luggage.

  9. Re:Passwords by Anonymous Coward · · Score: 5, Funny

    Apple is fucked. Btw "root alpine" is an anagram for "rape lotion", how appropriate.

  10. Re:Prediction... by untaken_name · · Score: 5, Funny

    Assuming the iPhone is hacked to the point where it's easily modifiable, yes, it will have the opposite effect in the extremely small niche market.

    In the mainstream, this can easily get spun as the iPhone is extremely insecure, and has been "broken into", causing normal people to steer very clear.

    Doesn't the price tag already do that?

    --
    http://xkcd.com/386/
  11. Why this won't do any good by sjonke · · Score: 3, Funny

    The article left out the detail that the reason these passwords won't do you any good is that you only get 3 tries to enter them before your locked out. Goop lick.

    --
    --- What?
  12. Re:Prediction... by m0nkyman · · Score: 5, Funny

    If it isn't one of the following I'd be shocked:
    123 000 999 666

    Those four will open 99% of all luggage in the world that doesn't contain a laptop, cash or a gun.

    --
    ~ a low user id is no indication I have a clue what I'm talking about.
  13. Theories by suv4x4 · · Score: 2, Funny

    The article theorizes it may be left over from development work, or could have been included to create a 'false trail' for hackers.

    Even better, I suspect this is the major reason Leopard was delayed. iPhone's software was completed all along: all those OSX developers were assigned to create numerous false trails for hackers, on the iPhone.

  14. Re:Prediction... by myatmpinis1234 · · Score: 2, Funny

    Guess I better change my ATM pin.

  15. Re:Prediction... by dave562 · · Score: 2, Funny
    Those four will open 99% of all luggage in the world that doesn't contain a laptop, cash or a gun.

    And 23% of those that do? And 69% of those that contain two of the three? And what percent of statistics are complete bullshit again?

  16. Re:Prediction... by untaken_name · · Score: 5, Funny

    Well, I'd just say that someone who reads/posts to /. doesn't fit *my* vision of of a "normal person". Maybe that's geekist of me.

    --
    http://xkcd.com/386/
  17. Re:Passwords by catmistake · · Score: 5, Funny

    You've got it upside down.
    The password for alpine is root, the dottie user account password is mobile.

    --
    The Admin and the Engineer
  18. Re:Prediction... by untaken_name · · Score: 3, Funny

    Oh, you mean it's like a law degree! Got it. My mistake.

    --
    http://xkcd.com/386/
  19. Re:Prediction... by untaken_name · · Score: 2, Funny

    Well, first of all, thank you. And second of all, I wish you had mod points, too. Except that if you *had* had them, and then you posted, they'd be gone...so I guess it's a moo point, after all. (Yes, that was a Friends reference and not an inadvertant misuse, just in case anyone was wondering.)

    --
    http://xkcd.com/386/
  20. Re:Ummmm..... by untaken_name · · Score: 2, Funny

    Once again, though, my OP is correct. When I see someone carrying a MacBook Pro(tm), wearing an iPod(tm) and talking on an iPhone(tm), the *last* thing I think is, "That is a normal person."

    --
    http://xkcd.com/386/
  21. Re:Passwords by Man+Eating+Duck · · Score: 5, Funny

    Btw "root alpine" is an anagram for "rape lotion"
    Huh? For a moment I wondered how that occurred to you, but on the other hand I don't really want to know...
    --
    Are you a grammar Nazi? I'm trying to improve my English; please correct my errors! :)
  22. Paris Hilton by jmickle · · Score: 5, Funny

    Anyone find her iphone yet? Id like to see another movie....

  23. Re:Passwords by uufnord · · Score: 5, Funny

    Everyone's got it upside down.

    The root password is au!dle

    The mobile password is a!++op

  24. Re:Prediction... by Anonymous Coward · · Score: 5, Funny
    Those four will open 99% of all luggage in the world that doesn't contain a laptop, cash or a gun.

    I don't get it. What world doesn't contain a laptop, cash, or a gun, and yet has luggage?

  25. Re:Prediction... by Anonymous Coward · · Score: 5, Funny

    Also, FYI: Calling anyone a "fanboy" immediately identifies you an ignorant troll and ensures that nothing you have to say is worth hearing.
    Exactly, because the proper term is "fanboi".
  26. Re:Ummmm..... by aichpvee · · Score: 2, Funny

    The *first* thing you think is, "that is a stupid person." Am I right?

    --
    The Farewell Tour II
  27. Re:Prediction... by LarsG · · Score: 2, Funny

    And no 3 number combination will open *that* luggage. Smart burglars just say no to sapient pearwood.

    --
    If J.K.R wrote Windows: Puteulanus fenestra mortalis!