Slashdot Mirror


iPhone 3Gs Encryption Cracked In Two Minutes

An anonymous reader writes "In a Wired news article, iPhone Forensics expert Jonathan Zdziarski explains how the much-touted hardware encryption of the iPhone 3Gs is but a farce, and demonstrates how both the passcode and backup encryption can be bypassed in about two minutes. Zdziarski also goes on to say that all data on the iPhone — including deleted data — is automatically decrypted by the iPhone when it's copied, allowing hackers and law enforcement agencies alike to access the device's raw disk as if no encryption were present. A second demonstration features the recovery of the iPhone's entire disk while the device is still passcode-locked. According to a similar article in Ars Technica, Zdziarski describes the iPhone's hardware encryption by saying it's 'like putting privacy glass on half your shower door.' With the iPhone being sold into 20% of Fortune-100s and into the military, just how worried should we be with such shoddy security?"


  1. But... by thePsychologist · Score: 5, Funny

    This is a feature. Cracking is yet another thing about the iPhone that Just Works. I believe Steve Jobs would be proud.

    --
    "What lies behind us, and what lies before us are tiny matters compared to what lies within us." Ralph Waldo Emerson
  2. Re:I put privacy glass . . . by frosty_tsm · Score: 5, Funny

    I put privacy glass on the top half of the shower door so I don't have to look at the people watching me, which seems to be the same kind of privacy I can expect on my iPhone 3G.

    Fixed it for you.

  3. The same F500 and military that use Windows? by gig · Score: 5, Informative

    Until the Fortune 500 and the military stop using Microsoft products, I won't lose a blink of sleep over them using Apple products. This guy had to have physical access to the iPhone to crack it, and even then the iPhone did not start sending its data out over the Internet along with a virus payload that formed a massive botnet that crippled Internet bandwidth.

    My understanding is that the encryption in the 3GS is not meant to prevent a user with physical access to the device from accessing the data. It's to make Remote Wipe instant instead of taking 1 hour per gigabyte because the Remote Wipe only has to destroy the decryption keys, not every bit of data on the disk. When you Remote Wipe an iPhone 3G it takes 1 hour per gigabyte to destroy the data. With a 3GS, it takes a few seconds.

    In this case, the hacker not only had the iPhone in his physical possession, but it was not Remote Wiped, so he also had the keys in his possession. How is it at all surprising that he was able to get in?

    1. Re:The same F500 and military that use Windows? by nxtw · Score: 5, Insightful

      In this case, the hacker not only had the iPhone in his physical possession, but it was not Remote Wiped, so he also had the keys in his possession. How is it at all surprising that he was able to get in?

      Because if that same hacker had a Blackberry in his possession with encryption enabled, he would not be able to get in.

    2. Re:The same F500 and military that use Windows? by Anonymous Coward · Score: 5, Insightful

      My understanding is that the encryption in the 3GS is not meant to prevent a user with physical access to the device from accessing the data. It's to make Remote Wipe instant instead of taking 1 hour per gigabyte because the Remote Wipe only has to destroy the decryption keys, not every bit of data on the disk. When you Remote Wipe an iPhone 3G it takes 1 hour per gigabyte to destroy the data. With a 3GS, it takes a few seconds.

      Isn't the point of remote wipe to prevent unauthorized access to the data on the physical device? So, it doesn't matter how long it takes to do the remote wipe if the keys can be broken in 2 minutes since that leaves only a small window of time to do the wipe. Especially if the attacker can copy the entire contents of the iPhone to a remote storage device and do it offline.

      Disk encryption, especially mobile and laptop, should be designed specifically to prevent data retrieval when physical possession is obtained by an attacker.

  4. Wow, this guy is hard core... by risk+one · Score: 5, Funny

    He even encrypted his last name.

  5. Re:interesting by PnjDbq · Score: 5, Informative

    The iPhone starts injecting time delays into the login/wipe process, I believe after the first 5 incorrect attempts. First one minute, then 5 minutes, and I have never had the patience to watch much beyond that. You can still sabotage the phone, but it's not fast.