iPhone's PIN-Based Security Transparent To Ubuntu

← Back to Stories (view on slashdot.org)

iPhone's PIN-Based Security Transparent To Ubuntu

Posted by timothy on Thursday May 27, 2010 @07:19AM from the so-I-hope-you-were-using-pig-latin dept.

ndogg writes "Security experts found that the iPhone 3GS has very little security, even with a PIN set up. They plugged one into Ubuntu 10.04, and it was automounted with almost all of the iPhone's data exposed. This has been reported to Apple, but the company seems to be having difficulty reproducing the problem."

264 comments

Wow. by phyrexianshaw.ca · 2010-05-27 07:20 · Score: 0, Troll

Well, I guess that shows that even though WE can install Ubuntu on a Mac, they have trouble with even that.
1. Re:Wow. by Anonymous Coward · 2010-05-27 07:26 · Score: 0
  
  Maybe their evaluation copy of Parallels Desktop has expired and they're waiting for the renewal or license key to hit their inbox.
2. Re:Wow. by Anonymous Coward · 2010-05-27 07:58 · Score: 5, Funny
  
  I think that this is just ridiculous and just more evidence that Linux users are nothing but criminals and thieves and open source should just be outlawed. It is this "free" software that engenders this attitude of laissez-faire we can do whatever we like without paying for anything that is the direct cause of security breaches such as this with the iPhone. The fact that open sores can continue to exist despite the hundreds of intellectual thefts in the form of Microsoft's patents, Fraunhofer Institutes patents with the mp3 players, Unix copyright thefts.
  Don't you freetards get it? If you want something, you have to pay for it. And 100 dollars for something as great as an OS isn't that much. Look at the great things Bill Gates has done with his Windows money. Furthermore, you can't just steal it and expect to always get away. How are developers supposed to be paid? How is the US economy supposed to grow if its greatest companies like MS, Apple, SCO, Oracle, IBM, etc. are brought down by this communist freeware? If I had my way, you'd all be hunted down and put under the jail.
3. Re:Wow. by VGPowerlord · 2010-05-27 08:10 · Score: 5, Funny
  
  It's OK, Steve. It's OK. No need to start throwing chairs here.
  
  --
  GLaDOS for President 2016! "Well here we are again. It's always such a pleasure." -- GLaDOS, 2011
4. Re:Wow. by spazdor · 2010-05-27 08:19 · Score: 4, Funny
  
  I say we send them to boot camp.
  
  --
  DRM: Terminator crops for your mind!
5. Re:Wow. by jedidiah · 2010-05-27 08:20 · Score: 0
  
  Someone obviously didn't take their meds today...
  
  --
  A Pirate and a Puritan look the same on a balance sheet.
6. Re:Wow. by Anonymous Coward · 2010-05-27 08:26 · Score: 0, Offtopic
  
  Dear Mr. Jobs,
  Since you wrote such a succinct post on /. we freetards will stop making and distributing free software and instead purchase and run your perfect OS.
  Sincerely,
  The criminals and thieves infected with open sores
7. Re:Wow. by E+IS+mC(Square) · 2010-05-27 09:36 · Score: 0, Offtopic
  
  The irony in this comment is that it can be applied to either of the two Steves. Just saying.
8. Re:Wow. by jargoone · 2010-05-27 10:19 · Score: 2, Insightful
  
  And only one of them has the strength to lift a chair, let alone throw it.
9. Re:Wow. by Anonymous Coward · 2010-05-27 10:23 · Score: 0, Troll
  
  The #%^&ing moron who pointed this out to Apple deserves to be punched in the face.
  
  If I lose connectivity to my iPhone 3GS because of this then I'm going to find you dude.
10. Re:Wow. by Anonymous Coward · 2010-05-27 11:48 · Score: 1, Insightful
  
  Insightful? Mods... really?
11. Re:Wow. by GillyGuthrie · 2010-05-27 15:44 · Score: 1
  
  Open sores, open source, same thing.
12. Re:Wow. by Anonymous Coward · 2010-05-27 19:25 · Score: 0
  
  Yeah, this is a troll but the previous post was not...
  Fucking dumbass, blind Apple sheep.
13. Re:Wow. by jetole · 2010-05-27 20:57 · Score: 2, Interesting
  
  This is a joke. Right? I mean how is this evidence for anything other then the fact that I paid for a phone that did not have proper security programmed into it in the first place? It took open source programmers who worked for free (I assume) to point out how the paid for product had dropped the ball and didn't have real security in the first place. Furthermore, Linux is free because the author didn't want to charge for it. Are you saying the OS is invalid because he didn't put a price tag on it? By the way, if you are not joking then you should know MS, Oracle and IBM (those are just the ones I am aware of in your list) provide open source freeware (MS working on both Silverlight/Moonlight through Novell and Active Directory with/through samba). Also if you are not joking, please tell me you are confined to a institution that makes sure a spork is the most dangerous thing you have access to. You sound like the last person that should own a gun.
  
  If you think free software should be outlawed, all you are doing is mandating a law that says people have to charge for something even if they don't want to.
  
  P.S. FOSS people are not known to steal anything, instead we create it from scratch and the iPhone code that Ubuntu 10.04 uses was built from scratch it was not taken from any code apple provided as apple has never provided that code to anyone AFAIK. MS has only ever made idle threats about patents without naming any identifiable aspect of it. What have we stolen from anyone. If I don't want to use Windows or OS X then you think you have the write to say I can't program productive software for it or do you honestly believe that we have somehow hacked into apple and stolen the source code for the iPhone.
  
  P.P.S.: The post is true. I have been able to access my PIN protected iPhone 3G (not 3GS) from Ubuntu 10.04 since I installed it. The security aspect is a bit of a concern but then again, since I knew cops have been able to do this all along then I am not that surprised. The plus side is I can now upload songs to my iPhone from Linux without doing a Jail Break (I'm reluctant to Jail Break) and without having to run an app in Wine (since I hate Windows emulation) so kudos to Ubuntu for exposing a security vulnerability and at the same time making the iPhone more usable on Linux. Job well done.
14. Re:Wow. by Sheik+Yerbouti · 2010-05-28 04:08 · Score: 1
  
  5/10 not nearly subtle enough you can do better
15. Re:Wow. by Anonymous Coward · 2010-05-28 07:54 · Score: 0
  
  Someone is either butthurt or trolling. I'm guessing trolling. The "communist" remark at the end gave it away. 3/10.
Sounds like a feature by kthreadd · 2010-05-27 07:21 · Score: 5, Insightful

So the problem is that the memory of the iPhone is mounted and that the data is exposed? I may not understand this exactly but hasn't the argument been for many years now that iPods couldn't be directly mounted like that?
1. Re:Sounds like a feature by Anonymous Coward · 2010-05-27 07:25 · Score: 0
  
  I believe that under certain OS the iPod/iPhone/iEtc cannot mount as a regular external harddrive unless you format it correctly. However, Linux doesn't care and just mounts a harddrive as a harddrive instead of waiting for iTunes to open. I discovered this a few years when on vacation I plugged my iPod into my Ubuntu laptop (to charge) and discovered that I can easily access all the files stored on it.
2. Re:Sounds like a feature by stagg · 2010-05-27 07:34 · Score: 5, Funny
  
  Critical bug! Product too versatile -- works with non-Apple operating systems.
3. Re:Sounds like a feature by marcansoft · 2010-05-27 07:35 · Score: 5, Informative
  
  They're not a block device, so you can't mount their filesystem as such. Instead, they're effectively network drives: the proprietary AFC file transfer protocol tunneled over a hugely mutilated version of TCP stuffed into USB packets. Which you can mount under Linux, using FUSE and the appropriate apps (usbmuxd, libimobiledevice, and ifuse). I maintain usbmuxd.
  Apparently Apple relies on security through obscurity here (only their apps are usually able to talk to an iDevice), and the actual protocols aren't secured.
  Incidentally, this is where the term "jailbreaking" comes from: breaking out of the AFC filesystem jail (which is usually limited to the user's data partition). Jailbreaking's original feature was to introduce a secondary AFC share with root privileges on the root directory, and jailbreaks to this day still do. You can use ifuse --root under Linux to mount this secondary share.
4. Re:Sounds like a feature by kent_eh · 2010-05-27 07:38 · Score: 1
  
  I'll have to try mine again.
  When I tried to plug my iPhone in under Ubuntu 9.10, it caused a kernel panic. I suspected that may have been intentional on Apple's part.
  
  --
  
  ---
  "I can't complain, but sometimes still do..." Joe Walsh
5. Re:Sounds like a feature by rxan · 2010-05-27 07:38 · Score: 1
  
  But the PIN should prevent you from getting that far. Unless this part of the memory is meant to be unprotected.
6. Re:Sounds like a feature by Sycraft-fu · 2010-05-27 07:40 · Score: 1
  
  I think the problem is that the data is supposed to be protected. Sounds like you engage protection on the phone, but it doesn't actually protect the data. Now contrast this to a Blackberry, which uses strong encryption to protect its data when engaged. You can also directly mount a BB, but you can't get the data if the encryption is turned on (you can if it is off which is default).
  This is a worry if your phone has some confidential information. You rely on putting protection on it, in case it gets stolen. However if it turns out the protection is for show only, that's a problem.
7. Re:Sounds like a feature by flooey · 2010-05-27 07:49 · Score: 4, Interesting
  
  Which you can mount under Linux, using FUSE and the appropriate apps (usbmuxd, libimobiledevice, and ifuse). I maintain usbmuxd.
  In fact, when you plug an iPhone into a Mac, you can see in the process list that usbmuxd is what Mac OS is using to talk to the device.
8. Re:Sounds like a feature by fuzzyfuzzyfungus · 2010-05-27 07:50 · Score: 5, Interesting
  
  I have to wonder what sort of testing Apple(didn't) do here. If it is possible for a linux machine to mount the filesystem, then setting a PIN clearly has no effect at all on the device's access control of that filesystem. Even if plugged into a mac or PC running iTunes, the data should be equally accessible.
  
  Either they simply didn't feel the need to make the PIN actually do much more than lock the screen(arguably fairly misleading), or next to no testing was done, or (even worse), setting the PIN also sets some sort of "politely ignore the data you could easily access" flag, that iTunes obeys and the third-party implementations don't.
9. Re:Sounds like a feature by marcansoft · 2010-05-27 07:52 · Score: 5, Informative
  
  Correct. I wrote most of the usbmuxd implementation that we use on Linux as a clone of Apple's version. In fact, you should (as of yesterday) be able to compile libusbmuxd and libimobiledevice and maybe even ifuse (with macFUSE?) and use them together with Apple's usbmuxd on OSX to pull off this hack there. Heck, I think at least libusbmuxd and libimobiledevice should even build on Windows these days (Apple provides a Windows version of usbmuxd with iTunes).
10. Re:Sounds like a feature by greatica · 2010-05-27 07:53 · Score: 5, Funny
  
  Breaking into an Apple device: "it just works."
11. Re:Sounds like a feature by marcansoft · 2010-05-27 07:54 · Score: 5, Informative
  
  The iPhone 3GS supposedly uses whole-disk encryption. This does squat when your USB comms protocol doesn't request authentication though, since you can pull the data off through the iPhone kernel's transparent decryption layer.
  In other words, this hack has nothing to do with encryption and everything to do with an insecure protocol that makes no attempt to actually request PIN authentication before handing over all your data. Nobody expected your PIN to actually act as key for encryption anyway; that's impossible, as the iPhone has to be able to access your data even while locked.
12. Re:Sounds like a feature by xgr3gx · 2010-05-27 08:01 · Score: 1
  
  I don't think the PIN has anything to do with this. The PIN probably just locks the UI in the phone. That would be like pulling a hard drive out of one computer and adding to another and expecting the usernames and passwords to still work. You'll be able to mount the drive and access every part of the file system because the OS that governs access to that filesystem is not running. The drive is just being viewed by another computer.
  If the filesystem was encrypted, I imagine you'd could still mount the drive, but the contents wouldn't be viewable.
  
  --
  Shameless plug alert: Game server control panel
13. Re:Sounds like a feature by DarkOx · 2010-05-27 08:02 · Score: 1
  
  And when it was a music player that was a resonable argument to make. Why should you not have an easy way to copy files to a and from it. The data is not unique or personal.. I would still make the argument they should be mountable and apparently Apple agrees. What I find entertaing is that they don't have some sort of encrypted storage; where apps can write possibly private info into. A registry or something that is protected; even in the volume itself is open.
  
  --
  Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
14. Re:Sounds like a feature by rthille · 2010-05-27 08:07 · Score: 1
  
  If the _filesystem_ is encrypted, then you can't mount it without the key. If the files are encrypted, then you can't make sense of their contents without the key(s).
  
  --
  Awesome furniture, accessories and cabinetry in Santa Rosa, CA: http://humanity-home.com/
15. Re:Sounds like a feature by monkeyboythom · 2010-05-27 08:20 · Score: 0, Offtopic
  
  heh heh you said "mount"
16. Re:Sounds like a feature by Tekfactory · 2010-05-27 08:21 · Score: 1
  
  On many phones the PIN or keycode just unlocks the keypad, or in a touchscreen's case the UI. This does diddly to stop the USB connected phone's memory from being used as a storage device.
  The primary function of the "security" code here is to keep you from butt/pocket/purse dialing unintenationally. The Security code is not to lock down the confidential info on the phone and keep folks from copying all your data.
17. Re:Sounds like a feature by icebike · 2010-05-27 08:23 · Score: 1
  
  Seems not to do this on my older iPhone 3G.
  All it sees is the camera via digicam.
  So he either has some additional libraries on his Ubuntu or some hack-ness on his phone, or this bug was introduced on the 3Gs model.
  
  --
  Sig Battery depleted. Reverting to safe mode.
18. Re:Sounds like a feature by BlueBoxSW.com · 2010-05-27 08:24 · Score: 1
  
  You don't understand. It's a problem because can't say it is a "Walled Garden", they now will have to say "It's a walled garden. Unless you use open tools. Then it's kind of open. But Now we want better tools to do with it as we please, and Apple doesn't seem to be developing these on their dime and giving them away for free. Curses!"
19. Re:Sounds like a feature by Anonymous Coward · 2010-05-27 08:30 · Score: 0
  
  Shhhhh, don't tell them!
20. Re:Sounds like a feature by h4rr4r · 2010-05-27 08:31 · Score: 3, Interesting
  
  I just want to say thanks for all your work. This was a big thing in getting the last windows pc in my house to linux.
21. Re:Sounds like a feature by Mike+Buddha · 2010-05-27 08:45 · Score: 5, Informative
  
  The filesystem IS encrypted, but the OS happily decrypts everything for you without any form of authentication. That's the story here.
  
  --
  by Mike Buddha -- Someday the mountain might get him, but the law never will.
22. Re:Sounds like a feature by mirix · 2010-05-27 08:47 · Score: 1
  
  or (even worse), setting the PIN also sets some sort of "politely ignore the data you could easily access" flag, that iTunes obeys and the third-party implementations don't.
  This would be my guess.
  I suppose Apple didn't expect to see a third party implementation developed, so they took the cheapo obscurity route. They should probably quit betting against hackers, especially if they want fascist control of "their" devices... That just gives people incentive.
  
  --
  Sent from my PDP-11
23. Re:Sounds like a feature by Benanov · 2010-05-27 08:48 · Score: 1
  
  Ubuntu 10.04 has newer libraries. Also make sure you're connecting the phone then turning it on.
24. Re:Sounds like a feature by Anonymous Coward · 2010-05-27 08:56 · Score: 0
  
  Just like you can view the files on an XP machine by booting off of a Linux live CD. No password required.
25. Re:Sounds like a feature by geekoid · 2010-05-27 08:58 · Score: 1
  
  The argument has been apple doesn't support it, and tries to obufscate the data.
  There are several 3rd party tools that allow you to move data onto and off of iPods. I assume the same thing with the iPhone.
  
  --
  The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
26. Re:Sounds like a feature by aardwolf64 · 2010-05-27 09:04 · Score: 1
  
  And honestly, how long would it take a computer to bruteforce a 4-digit numeric password???
27. Re:Sounds like a feature by Anonymous Coward · 2010-05-27 09:07 · Score: 2, Informative
  
  No, the keylock with a well known generic opening mechanism is what protects against pocket dialing. In the iphone case I believe that's implemented as a finger slide. The additional PIN code is obviously there to prevent people from using your phone or seeing your data -- and it failed.
28. Re:Sounds like a feature by hrimhari · 2010-05-27 09:10 · Score: 1
  
  Exactly. I was just thinking "wow! My Nokia and Samsung phones do just the same".
  In the other hand, if iTunes also takes the PIN into consideration, then Apple contributed to the expectation of the data being protected, not only the UI. Which in this case does represent a fault.
  
  --
  http://dilbert.com/2010-12-13
29. Re:Sounds like a feature by Graff · 2010-05-27 09:26 · Score: 3, Informative
  
  I read through both linked articles and it comes down to only this data is exposed:
  
  This data protection flaw exposes music, photos, videos, podcasts, voice recordings, Google safe browsing database, game contents
  Certainly not all of the data on the phone. Your e-mails, notes, application-specific data, address book, password keychain, and so on are still safely encrypted. Yes, this isn't a perfect situation but it's not as dire as it sounds. Most data that people expect to be secure is still secure.
  
  --
  Sapere aude!
30. Re:Sounds like a feature by Nerdfest · 2010-05-27 09:33 · Score: 4, Funny
  
  This does squat when your USB comms protocol doesn't request authentication though, since you can pull the data off through the iPhone kernel's transparent decryption layer.
  It just works ... even when it shouldn't.
31. Re:Sounds like a feature by Lars+T. · 2010-05-27 09:34 · Score: 1
  
  So the problem is that the memory of the iPhone is mounted and that the data is exposed? I may not understand this exactly but hasn't the argument been for many years now that iPods couldn't be directly mounted like that?
  Well, they only can under the condition that you connect the iPhone to USB while powered off, then turn it on. Apple assumes it could be a “race condition” or “a pairing issue”.
  
  --
  Lars T.
  To the guy who modded me down from perfect to terrible Karma - Apple haters still suck
32. Re:Sounds like a feature by icebike · 2010-05-27 09:36 · Score: 1
  
  Yeah, 10.04 is what I have, but I can't induce this on the 3G.
  Might be my USB drivers, since my ubuntu machines are in a virtual machine. I'll try it on real hardware tomorrow.
  
  --
  Sig Battery depleted. Reverting to safe mode.
33. Re:Sounds like a feature by E+IS+mC(Square) · 2010-05-27 09:39 · Score: 0, Troll
  
  This, according to The iPhone User, is exactly how an elegant system should work. Just like how they were not ready for copy-paste till Apple provided it, and then it was The Best Copy-Paste out there. Go figure!
34. Re:Sounds like a feature by Thinboy00 · 2010-05-27 09:53 · Score: 1
  
  TFA is talking about Lucid, not Karmic.
  
  --
  $ make available
35. Re:Sounds like a feature by Thinboy00 · 2010-05-27 09:55 · Score: 1
  
  How about just making it unmountable unless you tell the phone to mount, which logically requires unlocking it first? AFAICT that's how (an)droid does it.
  
  --
  $ make available
36. Re:Sounds like a feature by Thinboy00 · 2010-05-27 09:57 · Score: 1
  
  Unless the VM is badly behaved, I would guess the bug was introduced in 3GS, from what you've told us.
  
  --
  $ make available
37. Re:Sounds like a feature by Anonymous Coward · 2010-05-27 09:57 · Score: 0
  
  Not reproducible here using OS X.
  Bug report closed.
38. Re:Sounds like a feature by qubezz · 2010-05-27 09:59 · Score: 1
  
  And, how many bad password entries does it take for a Blackberry to wipe ALL its data? 10 (or less if you want).
39. Re:Sounds like a feature by Sancho · 2010-05-27 10:22 · Score: 2, Interesting
  
  And it always will. The purpose of the encryption is to allow remote-wipe (and even local-wipe, I suppose) to be nearly instantaneous. Wipe the key, and the data is unreadable, as opposed to having to spend time wiping the entire contents of the flash memory.
  The encryption isn't meant to be used day-to-day. It's meant to be transparent until you need to destroy your data.
40. Re:Sounds like a feature by Pharmboy · 2010-05-27 10:25 · Score: 3, Funny
  
  And honestly, how long would it take a computer to bruteforce a 4-digit numeric password???
  Forever! There must be like a million possible combinations!
  
  --
  Tequila: It's not just for breakfast anymore!
41. Re:Sounds like a feature by Anonymous Coward · 2010-05-27 10:34 · Score: 0
  
  "Boom!" - Steve P. Jobs
42. Re:Sounds like a feature by khellendros1984 · 2010-05-27 10:43 · Score: 1
  
  iPhones are a bit of a different beast. The older iPod varieties can be mounted like external drives (even in Windows, if they happen to be formatted as FAT32). The last time I tried, my iPod Touch didn't work that way, although the communication protocol may have been worked out since then.
  
  --
  It is pitch black. You are likely to be eaten by a grue.
43. Re:Sounds like a feature by zuperduperman · 2010-05-27 11:15 · Score: 1
  
  And, how many bad password entries does it take for a Blackberry to wipe ALL its data? 10 (or less if you want).
  I'll have to try this on my friend's phone one day just for laughs ...
44. Re:Sounds like a feature by kent_eh · 2010-05-27 11:56 · Score: 1
  
  Yeah, I know. Now that I'm up to date, I'll have to try it.
  
  --
  
  ---
  "I can't complain, but sometimes still do..." Joe Walsh
45. Re:Sounds like a feature by arose · 2010-05-27 12:36 · Score: 1
  
  It doesn't matter, since it shouldn't be able to control the iPhone before the PIN has been entered.
  
  --
  Analogies don't equal equalities, they are merely somewhat analogous.
46. Re:Sounds like a feature by Anonymous Coward · 2010-05-27 12:53 · Score: 0
  
  Is it any coincidence that Apple just surpassed Microsoft's market capitalization?
47. Re:Sounds like a feature by exomondo · 2010-05-27 13:24 · Score: 1
  
  lol...yep 4^10
  But yes it does depend almost wholly on how long it takes the device to validate the code.
48. Re:Sounds like a feature by Anonymous Coward · 2010-05-27 14:40 · Score: 0
  
  Err. Mathfail. You mean 10^4.
  
  Unless it's a joke, in which case it's a really poorly set up joke. So either be smarter or funnier. One of the two.
49. Re:Sounds like a feature by Urkki · 2010-05-27 14:49 · Score: 1
  
  I don't think the PIN has anything to do with this. The PIN probably just locks the UI in the phone.
  Which "PIN"? In GSM or 3G phones, PIN usually refers to the PIN of the SIM card, which is a "smart card" and doesn't allow access at all without the PIN. It doesn't lock the phone, it locks the SIM, so a phone can't access it without giving it the PIN first. The rest is up to the phone. Many plain phones won't boot up without a SIM card and correct SIM PIN, while most smart phones will work in "offline" mode even without SIM.
  Whatever other locking codes there might be for phone UI or for USB access or whatever, calling them PIN codes is probably a bad idea when "PIN" has an established meaning as the SIM card PIN.
50. Re:Sounds like a feature by Urkki · 2010-05-27 14:55 · Score: 1
  
  Exactly. I was just thinking "wow! My Nokia and Samsung phones do just the same".
  I'm pretty sure at least Nokia phones won't allow USB access if the phone is locked (with the phone locking code, not the SIM PIN).
  I didn't RTFM, so I'd like to know, if iPhone (the phone UI) is locked, it will still allow USB access? Ie. there's no way to block USB access to personal data? If that's true, then that's bad, a real WTF.
  But if it works like the other "smart phones", and protects your data if you've set up phone locking and the phone lock is on, and it can be set to switch on automatically after a time, then there's no issue.
51. Re:Sounds like a feature by ToasterMonkey · 2010-05-27 15:26 · Score: 2
  
  Even if plugged into a mac or PC running iTunes, the data should be equally accessible.
  What do other phones do? Connect a blackberry to a PC with blackberry desktop for example..
  Does iTunes ask for the PIN each time it syncs an PIN locked iPhone? I must be missing something.
  Does this trick allow use of the SIM card without entering its PIN? Could someone who has both phones elaborate?
  I don't ever remember having to enter a PIN to pair a blackberry other than the random one for pairing bluetooth devices which is responsible only for encrypting the wireless transmission.
  I know "access data locally without authenticating" sounds scary, but I'm not exactly sure what the precedence is for phones authenticating with peers (bluetooth pairing is authorization, not authentication)
52. Re:Sounds like a feature by totally+bogus+dude · 2010-05-27 15:50 · Score: 2, Informative
  
  Can't speak to Blackberries and such, but on my Symbian-based phone (Samsung i8510) if I connect it to USB while it's PIN-locked all it does is recharge. I did this on my work PC while watching /var/log/dmesg and all it registered was a USB HUB being connected. No access to the phone memory at all. After I entered the PIN, the phone's internal storage and the SD card I have in were suddenly available.
  Of course, if you have physical access to my phone you can pull out the SD card, which doesn't have any protection at all. But it's mostly just music on that, I think all my "private" information is on the internal memory and/or the SIM (which I also have a PIN on).
53. Re:Sounds like a feature by GillyGuthrie · 2010-05-27 15:54 · Score: 2, Informative
  
  lol...yep 4^10
  Actually it's 10^4 (10,000 permutations), not 4^10 (1048576 permutations).
54. Re:Sounds like a feature by Bing+Tsher+E · 2010-05-27 17:43 · Score: 0, Troll
  
  Can't they just ramp up the fascism another notch by invoking the DMCA?
55. Re:Sounds like a feature by Bing+Tsher+E · 2010-05-27 17:50 · Score: 1
  
  I thought the 's' in SD stood for 'secured' and the generic non-secured equivalent was the 'MMC' card. As such I always figured that 'hooks' were in place on SD media and just not activated (yet). I am no expert on any of this, I'm sure someone else might correct all or part of what I'm trying to say.
56. Re:Sounds like a feature by Bing+Tsher+E · 2010-05-27 18:02 · Score: 1
  
  That sounds like a dreadful DOS exploit. Just hit the phone ten times with random codes and it's a brick.
57. Re:Sounds like a feature by exomondo · 2010-05-27 18:34 · Score: 1
  
  right you are!
58. Re:Sounds like a feature by marcansoft · 2010-05-27 18:49 · Score: 2, Funny
  
  The "S" stands for "crappy failed security-through-obscurity DRM that absolutely no one actually uses in the real world". It has nothing to do with actual security.
59. Re:Sounds like a feature by marcansoft · 2010-05-27 18:53 · Score: 1
  
  Just make it shut down the phone after 5 attempts. Considering how long it takes for the iPhone to boot, that should be enough of a deterrent.
60. Re:Sounds like a feature by marcansoft · 2010-05-27 19:15 · Score: 4, Informative
  OK, upon further testing (I don't use a passcode myself so I never even looked into this) and getting some information from others, it looks like this isn't a total oversight on Apple's part, but it is a real bug that requires a specific sequence to trigger.
  Here's how it's supposed to work:
  
  The first time you connect an iPhone to a specific computer, the iPhone will "pair" with the computer. This happens behind the scenes.
  This pairing process is disabled while the phone is locked with a passcode.
  Once paired, that computer will always be able to talk to that phone, even while locked.
  The actual bug is that there's a race condition during boot. There's a window during which the lock code setting hasn't been read, during which the phone will accept pairing requests even though it shouldn't.
  If you want to try it on Linux, do this:
  
  Delete ~/.config/{libiphone,libimobiledevice} to clear the pairing data
  Create a directory to mount the device on
  Configure a passcode on your device and shut it dow
  Have a syslog window open
  Plug it into USB and power it on
  As soon as you see your device enumerate with the USB subsystem, start spamming ifuse <mountpoint> on a terminal
  With any luck it will pair and mount. From now on you can unmount it and mount it as many times as you wish with this computer.
  Notice how the "slide to unlock" SpringBoard screen will not have yet appeared when this works. Once it does, the passcode has been configured and pairing will no longer work. On the latest version of ubuntu it tries to automount as soon as it sees the device, which makes this bug a lot more obvious.
61. Re:Sounds like a feature by Xest · 2010-05-27 20:35 · Score: 1
  
  It's not even about testing, anyone developing this sort of system will know full well that such a security hole exists. You just can't have the knowledge to develop the system, and not realise the implications of your design.
  I suspect it's more a typical case of deadlines being more important than a thoroughly secure implementation.
62. Re:Sounds like a feature by xOneca · 2010-05-27 22:57 · Score: 1
  
  I think it's "secured" because you can write-protect it with a manual switch.
63. Re:Sounds like a feature by Anonymous Coward · 2010-05-27 23:07 · Score: 0
  
  And honestly, how long would it take a computer to bruteforce a 4-digit numeric password???
  Forever! There must be like a million possible combinations!
  With 4 digits there are 10000 combinations (0000 => 9999)
  Think twice next time ;)
64. Re:Sounds like a feature by hitmark · 2010-05-27 23:56 · Score: 1
  
  not user friendly enough for apple?
  it appear that the iphone have a pairing system (think bluetooth, only automated), and the trick is to get the pairing to happen before the phone have had time to as for pin. After that, the phone will consider the computer friendly, and dont bother with the pin at all.
  
  --
  comment first, facts later. http://chem.tufts.edu/AnswersInScience/RelativityofWrong.htm
65. Re:Sounds like a feature by Pharmboy · 2010-05-28 00:00 · Score: 1
  
  woosh!
  You aren't really smarter than other people, you just think you are.
  
  --
  Tequila: It's not just for breakfast anymore!
66. Re:Sounds like a feature by hmar · 2010-05-28 01:36 · Score: 1
  
  According to the business rep at my local apple store, the 3Gs does have hardware based ecryption, but it will not actually be implemented until OS 4.0 comes out. This is why we are holding only a very limited trial with iphones at work, until I can test one with functional security.
67. Re:Sounds like a feature by Anonymous Coward · 2010-05-28 02:45 · Score: 0
  
  The filesystem isn't encrypted by default- that is a feature you have to explicitly turn on. Pin protection has nothing to do with encryption. iPhoneos4 has true disk encryption.
68. Re:Sounds like a feature by torkus · 2010-05-28 02:48 · Score: 1
  
  Take it a step further and you expose the underlying problem with many 'encryption' systems. If the 'secure' key is stored on the device...well...it's STORED! It might not be easy to get, but if you read out the entire contents and ran them in a controlled environment (VM for example) that key has to exist in plaintext somewhere at some point.
  Utimaco's FDE is a perfect example of that yet some companies use it with the mistaken belief that their data is safe.
  
  --
  You can get rich if you own a politician, but you have to be rich to buy one in the first place.
69. Re:Sounds like a feature by torkus · 2010-05-28 02:59 · Score: 2, Informative
  
  Sorry but no. The encryption is enabled on all 3GS phones (and only 3GS, not 3G or prior) full time and can not be disabled.
  The 3GS *has* functional security except for the number of holes that have been poked in it.
  I don't know what rep you're talking to but he's misinformed and would otherwise be totally in violation of Apple's disclosure policy which reads something like 'if you tell anyone before Jobs does you're fired on the spot'.
  We too are doing testing @ work but all the holes that hackers keep poking into the iPhone keep putting the launch off 'until the next (secure) release'
  
  --
  You can get rich if you own a politician, but you have to be rich to buy one in the first place.
70. Re:Sounds like a feature by Geminii · 2010-05-28 04:17 · Score: 1
  
  "There's a distro for that."
71. Re:Sounds like a feature by soppsa · 2010-05-28 06:46 · Score: 1
  
  It's sad on Apples part, but whatever, it'll be fairly easily fixed.
  
  --
  Ogre Wedding Planners llc.
72. Re:Sounds like a feature by Anonymous Coward · 2010-05-28 12:52 · Score: 0
  
  How ironic that *APPLE'S* iPhone syncing and lack of a way to do it on Linux is actually INCREASING *MICROSOFT'S* OS marketshare... that's the only reason I have windows...
73. Re:Sounds like a feature by jackspenn · 2010-05-28 13:31 · Score: 1
  
  My company BB has an encrypted drive, the PIN not only locks the phone, but prevents it's contents from being mounted over USb or bluetooth and shared unless entered and unlocked.
  
  --
  Respect the Constitution
74. Re:Sounds like a feature by Anonymous Coward · 2010-05-28 21:53 · Score: 0
  
  actually only 10,000
75. Re:Sounds like a feature by rthille · 2010-05-29 14:56 · Score: 1
  
  You can have things like hardware decryption modules that store the key and will not reveal it, and that need the pin to unlock.
  Somewhere around here I've got a Java iButton that works like that...
  
  --
  Awesome furniture, accessories and cabinetry in Santa Rosa, CA: http://humanity-home.com/
76. Re:Sounds like a feature by ToasterMonkey · 2010-05-29 16:22 · Score: 1
  
  I understand a little more about how PIN locks work now, but am I correct in saying that the peer at the other end of the USB never actually sends the PIN over? As in the PC never authenticates with the phone, but the user unlocks the phone, then the phone speaks freely to whatever has physical access as long as it is turned on? I mean, idealy, something like bluetooth pairing would happen even to enable the physical USB connection, but I don't think this currently happens.
  I know violating the assumption that a powered off PIN locked phone is secure is _bad_ and all, but AFAIK, a powered on PIN locked phone is not really secure after it is unlocked? My big question is what percentage of time is that? Does a PIN locked phone re-lock after a few minutes, or prompt for the PIN to enable each connection? Thats the part I think I'm missing, because otherwise it's hard to see that much security was lost.. but people are getting so upset over this, so there must be something.
77. Re:Sounds like a feature by totally+bogus+dude · 2010-05-29 21:00 · Score: 1
  
  I don't know of any phones that authenticate over USB, as most phones operate as USB mass storage devices which I don't think has any provision for that kind of thing. So, it's as you say: the unlock code has nothing to do with the connectivity, it's simply a matter that the phone will not expose its storage via USB if it's currently locked. This isn't too severe a limitation, since if you're able to plug a USB cable into the phone then you obviously have physical access to the device and can unlock it from the keypad.
  Most phones can be configured to automatically lock after a certain amount of time. For example, my phone is set to lock after 5 minutes at which point you'll need to enter the PIN in order to access it. You can also configure it to never automatically lock and therefore you can manually tell it to lock when it suits you. So the answer to your big question is "it depends how the user has configured it".
  As mentioned before, while it's locked you can't access the memory through USB. It's not exactly bullet-proof security, but it's enough to deter the casual attacker. It's very likely my phone (and others) have an override code or reset facility that could be used to gain access to the phone even if it's locked, possibly at the expense of wiping all settings (but it'll likely retain at least some user data).
  Of course the issue with the iPhone is actually that at bootup it doesn't respect the lock code - so it works as expected while it's powered on, but if someone switches it off, and then connects to it via USB and powers it on they can access it. I'm not sure if it's possible to turn the iPhone off while it's locked though (doesn't it require confirmation?). However, this does violate the assumption that a powered-off PIN-locked phone is secure.
Who says... by Thelasko · 2010-05-27 07:21 · Score: 1

Linux is hard to use?

--
One of our competitors trademarked the term "hypothesis". From now on, we will call them "boneheaded ideas".
1. Re:Who says... by Lord+Lode · 2010-05-27 07:24 · Score: 3, Informative
  
  Apparently it's so hard to use that they can't even reproduce it at Apple.
2. Re:Who says... by Amarantine · 2010-05-27 07:32 · Score: 2, Informative
  
  That joke is getting a bit old, with Apple selling 4-button mice with every iMac for 5 years now.
3. Re:Who says... by Anonymous Coward · 2010-05-27 07:48 · Score: 0
  
  That 10 year old joke would be a titch funnier if OSX wasn't built on Unix.
4. Re:Who says... by Anonymous Coward · 2010-05-27 07:57 · Score: 0, Flamebait
  
  Wah wah wah, we hurt the poor widdle mac loser's feelings? Too bad.
  Get the fuck off my internet and don't come back until you're smart enough to use a REAL computer.
  Anyone stupid enough to buy a Mac deserves endless teasing and harassment from his superiors.
5. Re:Who says... by rednip · 2010-05-27 07:59 · Score: 1
  
  Who says... Linux is hard to use?
  Lots of people do, they're wrong of course, but somehow that doesn't seem to stop them from saying it.
  
  --
  The force that blew the Big Bang continues to accelerate.
6. Re:Who says... by TheBig1 · 2010-05-27 08:31 · Score: 1
  
  What's your point? Linux != Unix.
7. Re:Who says... by Anonymous Coward · 2010-05-27 08:41 · Score: 0
  
  Mice with buttons? that's so 20th century. Would you like a set of 8 toggle switches and an enter button with that?
8. Re:Who says... by Anonymous Coward · 2010-05-27 09:00 · Score: 0
  
  What's your point?
  
  Really? You didn't get that? You think Unix is 'single-click' simpler than Mac OS or Windows?
  Maybe you should go back to commenting on YouTube.
9. Re:Who says... by Anonymous Coward · 2010-05-27 09:05 · Score: 0, Flamebait
  
  English -> Internet translator results for "Mac user": faggot
10. Re:Who says... by MobileTatsu-NJG · 2010-05-27 09:06 · Score: 1, Insightful
  
  Wah wah wah, we hurt the poor widdle mac loser's feelings? Too bad.
  Get the fuck off my internet and don't come back until you're smart enough to use a REAL computer.
  Anyone stupid enough to buy a Mac deserves endless teasing and harassment from his superiors.
  Translation: "Aww shit, my Apple stereotype hasn't been applicable for years and now I look stupid! Well hopefully the phrase 'real computer' is ambiguous enough to imply that I have a computer that does something the Mac doesn't and nobody'll challenge me on it!"
  
  --
  
  "I like to lick butts!" by MobileTatsu-NJG (#32700246) (Score:5, Informative)
11. Re:Who says... by jo_ham · 2010-05-27 11:07 · Score: 3, Funny
  
  The i in "iMac" does not stand for the square root of minus one.
  All Macs are in the real set.
12. Re:Who says... by shellbeach · 2010-05-27 12:46 · Score: 2, Interesting
  
  That joke is getting a bit old, with Apple selling 4-button mice with every iMac for 5 years now.
  Nah. It's still good for many of us :) And besides, Apple can't quite get away from the one-button meme -- even with their multiple button mice, they try and hide the different buttons under one big button. (Something which I would have thought was the single worst interface design decision ever, incidentally ...)
  Anyway, I'm not sure what's the big deal about being able to read a small portion of the iPhone drive in Ubuntu -- you still can't access any application data or any of the databases that store your contacts/notes/whatevers. It does mean someone can copy your music ... but that's surely a good thing! And access to part of the file system isn't exactly unusual -- even without Ubuntu, you should be able to see the iPhone's DCIM photo folder when you plug the device into a computer.
13. Re:Who says... by Anonymous Coward · 2010-05-27 13:58 · Score: 0
  
  Yea, but by default, only one of those buttons is enabled. Every user on the mac needs to program the other buttons individually.
14. Re:Who says... by Anonymous Coward · 2010-05-28 03:34 · Score: 0
  
  My computer works. Macs don't.
  I can install any software I wish. Macs can't.
  I can play the latest video games on release day. Macs can't.
  I don't suck cocks. Mac users do.
15. Re:Who says... by MobileTatsu-NJG · 2010-05-28 04:16 · Score: 1
  
  You finished with 1 point out of 4. Three of those were awfully desperate. Feeling insecure there, buddy?
  
  --
  
  "I like to lick butts!" by MobileTatsu-NJG (#32700246) (Score:5, Informative)
Hard drive by MrEricSir · 2010-05-27 07:22 · Score: 0

Pin or no pin, couldn't you just pull the hard drive out of the phone and plug it into a computer? I doubt it has any type of encryption.

--
There's no -1 for "I don't get it."
1. Re:Hard drive by f8l_0e · 2010-05-27 07:24 · Score: 2, Informative
  
  All of its storage is flash memory soldered to the logic board. There is no way to remove the storage.
2. Re:Hard drive by _KiTA_ · 2010-05-27 07:29 · Score: 1
  
  All of its storage is flash memory soldered to the logic board. There is no way to remove the storage.
  Except with a soldering iron. And I imagine it's fairly standard flash memory at that.
  Or am I missing something? Would doing that wipe the flash?
3. Re:Hard drive by t0qer · 2010-05-27 07:31 · Score: 1
  
  All of its storage is flash memory soldered to the logic board.
  Give me a solder sucker, a USB keydrive with a compatible flash chip controller, and I'll have it removed. Just because it's soldered on doesn't mean it's impossible to transfer the flash to something else, plug it in, and read it.
4. Re:Hard drive by Nadaka · 2010-05-27 07:32 · Score: 1
  
  No safe, practical way. You can always cut it out, but soldering it back in may present issues.
5. Re:Hard drive by fuzzyfuzzyfungus · 2010-05-27 07:34 · Score: 1
  
  No way for a casual attacker to do so. It doesn't take a rocket surgeon to remove the chips, which are a well-understood commodity item, and talk to them directly.
  
  Depending on exactly how bad-block information and the like are stored, they may run into some trouble there; but only proper data encryption would actually stop them.
6. Re:Hard drive by Anonymous Coward · 2010-05-27 07:35 · Score: 2, Funny
  
  Would doing that wipe the flash?
  It will if you use the Apple-standard soldering iron. Anything else is unsupported.
7. Re:Hard drive by omglolbah · 2010-05-27 07:36 · Score: 1
  
  It is standard flash memory. Desoldering and reading the data is not hard at all.
  I think making sense of the raw data is more of a challenge than then desoldering and reading.
8. Re:Hard drive by MightyMartian · 2010-05-27 07:40 · Score: 1
  
  Indeed, and the next update will cause the entire unit to melt if mods are not done with the iSolderingIron.
  
  --
  The world's burning. Moped Jesus spotted on I50. Details at 11.
9. Re:Hard drive by CoffeeDog · 2010-05-27 07:59 · Score: 1
  
  You don't even need to remove it from the board, just connect up some leads to the pins and you can read it without leaving a single scratch. That's what my solder-less Wii mod chip does, it's a socket that fits right over the chip and has contacts that touch the pins.
10. Re:Hard drive by poetmatt · 2010-05-27 08:00 · Score: 1
  
  rocket surgeons? Do they operate on explosives or fuel?
11. Re:Hard drive by Anonymous Coward · 2010-05-27 08:10 · Score: 0
  
  Indeed, and the next update will cause the entire unit to melt if mods are not done with the iSolderingIron.
  Ha, more like the i... erm... the SolderingiRon, I guess.
  That... that joke sort of went off the rails there, I'll try again later...
12. Re:Hard drive by Anonymous Coward · 2010-05-27 08:13 · Score: 2, Funny
  
  You misunderstand, rocket surgeons operate with explosives..
13. Re:Hard drive by f8l_0e · 2010-05-27 08:14 · Score: 3, Informative
  
  Except I believe that the memory on the iPhone is composed of ball grid array chips. So then it becomes an issue of using a reflow gun or oven. Then, once you have removed those, you need to reball the chips or have a bga prototyping socket and then attach it a compatible controller chip. Then unless you have done this to all of the chips to dump their contents so you have a complete filesystem, or all you have is useless bits. So, while not impossible, it is not a 30 second procedure like hooking up a hard drive.
14. Re:Hard drive by h4rr4r · 2010-05-27 08:42 · Score: 1
  
  In your magic land the heat gun has not been invented yet?
15. Re:Hard drive by h4rr4r · 2010-05-27 08:43 · Score: 1
  
  You could use a heat gun, a reflow oven, hell a soldering iron and a solder sucker. Removing chips is not rocket surgery.
16. Re:Hard drive by f8l_0e · 2010-05-27 08:59 · Score: 1, Flamebait
  
  If I had a magical land, there would be no ASSHOLES, so your post wouldn't be here to reply to.
17. Re:Hard drive by Anonymous Coward · 2010-05-27 09:04 · Score: 5, Informative
  
  Here you have gone from saying there is no way to remove the storage (+5 Informative, haha), to saying there is a viable way to remove the storage. Kudos to you, sir. Now, where's my +5 Informative?
18. Re:Hard drive by Anonymous Coward · 2010-05-27 09:15 · Score: 0
  
  You don't even need to remove it from the board, just connect up some leads to the pins and you can read it without leaving a single scratch. That's what my solder-less Wii mod chip does, it's a socket that fits right over the chip and has contacts that touch the pins.
  Does your solderless wii modchip simply connect to the otherwise unused i2c leads on the dvd drive controller chip? That's quite different than connecting directly to leads that are also connected directly to, and in use by, the rest of the circuit.
19. Re:Hard drive by Zen+Hash · 2010-05-27 09:23 · Score: 1
  
  You don't even need to remove it from the board, just connect up some leads to the pins and you can read it without leaving a single scratch. That's what my solder-less Wii mod chip does, it's a socket that fits right over the chip and has contacts that touch the pins.
  Except that the pins are not so easily accessible on an IC in a BGA package: http://en.wikipedia.org/wiki/Ball_grid_array
  
  --
  Here I sit, all broken hearted.
  Came to poop, but only farted.
20. Re:Hard drive by MrEricSir · 2010-05-27 10:01 · Score: 1
  
  Why bother? Just make a backup of the phone, then restore the backup to a new one and swap the SIM card. As long as it's the same color and in the same case, the victim is unlikely to notice.
  
  --
  There's no -1 for "I don't get it."
21. Re:Hard drive by ajlitt · 2010-05-27 10:03 · Score: 1
  
  Good luck with using a solder sucker on that BGA flash part.
22. Re:Hard drive by exomondo · 2010-05-27 17:03 · Score: 2, Funny
  
  If I had a magical land, there would be no ASSHOLES, so your post wouldn't be here to reply to.
  And you'd just be full of shit.
Ubuntu feature == exploit? by Anonymous Coward · 2010-05-27 07:22 · Score: 0

Nobody bothered to check whether Ubuntu tries a couple of obvious/common PINs first? Really?
Protip: IT DOES.
1. Re:Ubuntu feature == exploit? by MrEricSir · 2010-05-27 07:24 · Score: 1
  
  Hey, 1 2 3 4 might be obvious to you, but it wasn't for me!
  
  --
  There's no -1 for "I don't get it."
2. Re:Ubuntu feature == exploit? by just_another_sean · 2010-05-27 07:25 · Score: 1
  
  [citation needed]
  So this is one of those "Hey, that's the combination on my luggage" things?
  
  --
  Creationist Textbook Stickers Declared Unconstitutional by CowboyNeal
3. Re:Ubuntu feature == exploit? by Steve+Max · 2010-05-27 07:57 · Score: 1
  
  If you try three wrong PINs, your SIM card is locked; so probably they don't do this. Unless, of course, people are using PIN for something entirely different from what PIN means when discussing GSM phones.
4. Re:Ubuntu feature == exploit? by suomynonAyletamitlU · 2010-05-27 09:05 · Score: 2, Funny
  
  That's amazing, I have the same combination on my luggage!
5. Re:Ubuntu feature == exploit? by koiransuklaa · 2010-05-27 09:15 · Score: 1
  
  He's referring to Bluetooth pairing passcode, I bet. I would have thought the article would have mentioned if this was a Bluetooth attack -- that would make this about 1000 times more serious.
Absurf by Anonymous Coward · 2010-05-27 07:23 · Score: 0

Don't be ridiculous. It'll be jailbroken.
Updated story by OzPeter · 2010-05-27 07:24 · Score: 4, Informative

From TFA Apple could reproduce the described serious issue and believes to understand why this can happen but cannot provide timing or further details on the release of a fix.

--
I am Slashdot. Are you Slashdot as well?
1. Re:Updated story by Anonymous Coward · 2010-05-27 07:31 · Score: 0
  
  New headline:
  Ubuntu still working as intended, Apple promises Fix...
2. Re:Updated story by MozeeToby · 2010-05-27 07:35 · Score: 1
  
  Shouldn't it just be a matter of requiring the user to allow the mount of the iPhone side? That is, I believe, how Android handles the problem. Nothing can be mounted until the user tells the phone to allow it, which must be done from the home screen, which cannot be accessed without the sign in pattern. Unless that is how it is supposed to work but for whatever reason isn't happening on Lucid Lynx?
3. Re:Updated story by lennier1 · 2010-05-27 07:37 · Score: 1
  
  Sadly it's not that unlikely.
4. Re:Updated story by Captain+Spam · 2010-05-27 08:29 · Score: 1
  
  Shouldn't it just be a matter of requiring the user to allow the mount of the iPhone side? That is, I believe, how Android handles the problem. Nothing can be mounted until the user tells the phone to allow it, which must be done from the home screen, which cannot be accessed without the sign in pattern.
  Almost. You can mount the SD card from anywhere you can access the notification bar, not just the home screen (it just shows up as a plain ongoing notification). Still does require your sign in pattern (if you have one set and aren't already logged in).
  Of course, you could also just yoink the SD card from the phone and find an adapter if you really wanted to. :-)
  
  Unless that is how it is supposed to work but for whatever reason isn't happening on Lucid Lynx?
  I'm not familiar with iPhones, but if Lucid Lynx can do this without any user or OS intervention on the iPhone's side, I'm guessing Apple was going for security through obscurity. Namely, using a filesystem or network protocol that OS X is trained to ignore (unless iTunes asks), that Windows doesn't know what to do with (unless iTunes is installed and asks), and that they thought wasn't installed on most Linux distros by default (which may have been true before, but apparently isn't with Lucid... has anyone tested this with earlier Ubuntus?).
  
  --
  Demanding constant attention will only lead to attention.
5. Re:Updated story by nurb432 · 2010-05-27 09:05 · Score: 1
  
  From TFA Apple could reproduce the described serious issue and believes to understand why this can happen but cannot provide timing or further details on the release of a fix.
  
  Who said it needs 'fixed'?
  
  --
  ---- Booth was a patriot ----
Apple can now reproduce by KnownIssues · 2010-05-27 07:25 · Score: 4, Informative

Bernd Marienfeldt updated his blog saying Apple is now able to reproduce the problem and believes they know the cause, but no timing on fix release.
1. Re:Apple can now reproduce by Minwee · 2010-05-27 12:54 · Score: 3, Informative
  
  The fix, of course, will be to prevent iPhones from being accessible from Ubuntu.
2. Re:Apple can now reproduce by Anonymous Coward · 2010-05-27 19:50 · Score: 0
  
  The fix, of course, will be to prevent iPhones from being accessible from Ubuntu.
  By a license agreement clause.
  "By hacking the iPhone, you accept the terms of this agreement:
  - all hacking shall be done on properly licensed and Apple-approved hardware and software, namely the Apple iHack SDK ("SDK")
  -...
  "
Attention Naysayers by swanzilla · 2010-05-27 07:26 · Score: 1

Let us Ubuntu fanboiz have a moment to gloat before trashing our OS as a whole.
Thanks.

--
0 = 1 + e^(Alt something)
1. Re:Attention Naysayers by egcagrac0 · 2010-05-27 07:30 · Score: 4, Funny
  
  You two have fun with that.
2. Re:Attention Naysayers by stagg · 2010-05-27 07:31 · Score: 1
  
  Do we have to like Ubuntu 10.04 or can Linux fans in general gloat?
3. Re:Attention Naysayers by Anonymous Coward · 2010-05-27 08:15 · Score: 0
  
  Do we have to like Ubuntu 10.04 or can Linux fans in general gloat?
  Gloat away.
4. Re:Attention Naysayers by Anonymous Coward · 2010-05-27 08:23 · Score: 0
  
  Get real.
  - Debian
5. Re:Attention Naysayers by oakgrove · 2010-05-27 08:32 · Score: 2, Funny
  
  We certainly will. And thanks again for your support!
  
  --
  The soylentnews experiment has been a dismal failure.
6. Re:Attention Naysayers by Anonymous Coward · 2010-05-27 09:36 · Score: 0
  
  Whooosh! Could someone explain this joke to me? Or is it just that the joke is that there are few ubuntu users? (If that's it, I don't think it's 5 funny.)
7. Re:Attention Naysayers by Anonymous Coward · 2010-05-27 11:17 · Score: 0
  
  Gloat away.
8. Re:Attention Naysayers by Anonymous Coward · 2010-05-27 11:22 · Score: 0
  
  Starting Score: 1
  Moderation +3
  70% Funny
  30% Informative
  Extra 'Funny' Modifier 0
  Karma-Bonus Modifier +3
  Total Score: 5
9. Re:Attention Naysayers by mjwx · 2010-05-27 12:34 · Score: 1
  
  You two have fun with that.
  We shall,
  
  sudo configure that.2.4.5443.4 --with-fun
  sudo make
  sudo make install
  
  --
  Calling someone a "hater" only means you can not rationally rebut their argument.
10. Re:Attention Naysayers by Obfiscator · 2010-05-27 23:24 · Score: 1
  
  No no, General Goat was 7.10.
  Oh, gloat. N/m.
  
  --
  "Nothing shocks me. I'm a scientist." -Indiana Jones
Physical Access = Root Access by Anonymous Coward · 2010-05-27 07:28 · Score: 0

Suprised and shocked, really???
Just because you have a smartphone, doesn't mean it encrypts your super secret data. You normally have to pay extra for something like that. However, I think it would be cool if Apple incorporated encryption as a setting into the new release of iPhone OS.
1. Re:Physical Access = Root Access by Elbart · 2010-05-27 07:35 · Score: 4, Informative
  
  But that's exactly how Apple is advertising the 3GS: http://www.apple.com/iphone/business/integration/#securing
2. Re:Physical Access = Root Access by Graff · 2010-05-27 12:33 · Score: 1
  
  But that's exactly how Apple is advertising the 3GS: http://www.apple.com/iphone/business/integration/#securing
  
  The level of security on an iPhone that has the enterprise deployment features enabled is much higher than the security on a non-enterprise iPhone. I'd be interested to see if this trick works on an enterprise iPhone or if it only works on a non-enterprise one. I'm betting that page you linked is completely accurate when we are talking about enterprise deployment
  
  --
  Sapere aude!
3. Re:Physical Access = Root Access by soppsa · 2010-05-28 06:28 · Score: 1
  
  It does not, but that wont stop the Apple haters on /.
  
  --
  Ogre Wedding Planners llc.
This is not Apple's problem. by gimmebeer · 2010-05-27 07:29 · Score: 5, Funny

It is a security problem with Ubuntu and should be fixed by their dev team before they are sued for hacking. Afterall, the iPhone was not meant to be connected to anything other than Apple software.
1. Re:This is not Apple's problem. by lennier1 · 2010-05-27 07:34 · Score: 1
  
  Expect the decree from His Holy Steveness within a week.
2. Re:This is not Apple's problem. by egcagrac0 · 2010-05-27 07:36 · Score: 1
  
  It's the user's problem, because an attacker won't feel any particular compulsion to be bound by Apple's intents and guidelines.
  It's Apple's problem if they want their users to trust that Apple has their best interests in mind.
3. Re:This is not Apple's problem. by Anonymous Coward · 2010-05-27 07:42 · Score: 0
  
  Actually it's an Apple problem since they did not borther to encrypt the volume.
4. Re:This is not Apple's problem. by Anonymous Coward · 2010-05-27 07:47 · Score: 0
  
  You make it sound like security through obscurity is a bad thing.
5. Re:This is not Apple's problem. by Anonymous Coward · 2010-05-27 07:54 · Score: 0
  
  According to security experts yes...
  according to His Holy Emperor Steve Jobs? security through obscurity is the best thing.
6. Re:This is not Apple's problem. by Anonymous Coward · 2010-05-27 12:07 · Score: 0
  
  So Apple should require a TOS agreement each time the device is accessed.
Apple vs Linux by stagg · 2010-05-27 07:30 · Score: 1, Funny

Clearly Ubuntu is some kind of crazy hacker operating system, and Apple should block their products from working with it.
1. Re:Apple vs Linux by maxume · 2010-05-27 07:43 · Score: 1
  
  They tried!
  It is too strong.
  
  --
  Nerd rage is the funniest rage.
2. Re:Apple vs Linux by Anonymous Coward · 2010-05-27 07:45 · Score: 0
  
  Use... the force!!!
3. Re:Apple vs Linux by SeaFox · 2010-05-27 09:57 · Score: 1
  
  Or they can just issue a DMCA notice to all the repositories and claim Linux is a "circumvention device".
4. Re:Apple vs Linux by AmonTheMetalhead · 2010-05-27 10:07 · Score: 1
  
  For the love of god, don't give'm any ideas!
And? by lennier1 · 2010-05-27 07:31 · Score: 5, Insightful

Will their fix consist of actually making the device more secure or will they just try to make it harder use it with Linux systems?
1. Re:And? by Anonymous Coward · 2010-05-27 10:11 · Score: 0
  
  It is apple, their fix will either.
  a) Not happen for many many months if at all.
  b) detect that it is ubuntu and refuse the connection rather than fix the issue
  c) Sue the ubuntu Devs for not stopping this sort of thing.
  d) find some way to again point the finger at MS for apples sloppy security practises.
not too surprised by Anonymous Coward · 2010-05-27 07:31 · Score: 0

This was the same thing that happened back in the day with the ipod. You plug it into anything other then a mac, and it shows up as a hard drive. All you had to do was unhide anything that was hidden and you get access to everything. I think the touch got around this by making it show up as a camera, but that was easily circumvented. This really isn't that much of a surprise.
iTunes by MrEricSir · 2010-05-27 07:36 · Score: 1

Wait a sec... if I plug in my phone, iTunes automatically makes a backup of everything on it.
This backup doesn't require a PIN either!

--
There's no -1 for "I don't get it."
1. Re:iTunes by Anonymous Coward · 2010-05-27 07:54 · Score: 0
  
  The question though, is the data in that backup accessable?
  I can back up an encrypted file easily but all I have is encrypted data in the end. Doesn't help any if you can't make use of it.
  (As I lack both iTunes and a phone that takes advantage of it, I'm simply speaking in hypothetical. No practical experience with your setup.)
2. Re:iTunes by shagie · 2010-05-27 08:24 · Score: 1, Interesting
  
  On iTunes the 'Summary' tab has a set of options. One of them reads 'Encrypt iPhone backup' as a checkmark. Poking about my system (~/Library/Application Support/MobileSync/Backup/...) I can find some of the raw data that on my phone there (settings, files). So, it is possible to encrypt that data as the backup is stored but it sounds like that the unencrypted data is what iTunes accesses.
PIN != content access control by Steve+Max · 2010-05-27 07:37 · Score: 3, Insightful

The GSM standard defines a PIN as an access number for your SIM card. It has nothing to do with your phone's contents. Most phones allow you to set up a security key, which is needed either to turn on the phone every time (even if you have your SIM set up not to need a PIN), or when you change the SIM.
I don't know if this is actually the same PIN defined by the GSM standard or if it's another, Apple-specific key; but when you're talking about phones, PIN is connected to the SIM, or to the phone line, not to the phone contents.
1. Re:PIN != content access control by CoffeeDog · 2010-05-27 08:15 · Score: 1
  
  They're talking about the 4 digit security code/password/PIN that you have to punch in to the iPhone to unlock it. If you have a 3GS with an unlock password set and you hook it up to iTunes and try to sync it while it's at the lock sceen, you'll be met with an error that you must unlock the phone first. This is so if your phone is locked someone can't just nab it and hook up a USB cable and sync it to their iTunes to grab your info off it. Ubuntu doesn't have any problem accessing the phone though even if it is at the lock screen with the password set.
2. Re:PIN != content access control by Steve+Max · 2010-05-27 08:28 · Score: 2, Insightful
  
  So, they're not talking about the PIN in the meaning you expect when discussing phones, but about a security code that has no connection with the GSM PIN. Or, in other words, you don't have to use that key when you put your iPhone's SIM in another phone.
  Why can't people keep consistency? Calling a security code "PIN" when discussing cell phones is like calling a DVD "hard disc". It's not technically wrong (it's a "personal identification number", or a hard, disc-shaped object), but the word has a completely different usual meaning when used in context.
3. Re:PIN != content access control by Anonymous Coward · 2010-05-27 08:38 · Score: 0
  
  When they say "PIN" they're referring to the key iPhone users can set up to "lock" their phones while not in-use. PIN doesn't have to be "connected to the SIM", it can personally identify anything it damn well pleases :P.
4. Re:PIN != content access control by CoffeeDog · 2010-05-27 08:40 · Score: 1
  
  For the same reason many of the people I support refer to their computer tower as the "hard drive". They really just don't know/care about the difference. ;)
5. Re:PIN != content access control by Steve+Max · 2010-05-27 08:50 · Score: 2, Funny
  
  I expected more from Slashdot. Yeah, I know, I must be new here.
6. Re:PIN != content access control by stickystyle · 2010-05-27 10:42 · Score: 1
  
  Different PIN in this case. This is the pin to unlock the phone for usage, not unlock the SIM for access (of which I don't even think you can set on an iPhone)
  
  --
  Pluralitas non est ponenda sine neccesitate
No shit, Sherlock by whterbt · 2010-05-27 07:38 · Score: 1, Insightful

Seriously, people are shocked by this? Did anyone actually think entering a PIN was encrypting the device? Who told you that it would?
This was a feature intended to keep your jerkwad friends from picking up your phone and prank-texting your boss or girlfriend. Nothing more.
Helpful hint to all those who were fooled by this: those "fingerprint scanner" apps in the App Store aren't real, either.

--
Too late to be known as Bush the First, he's sure to be known as Bush the Worst.
1. Re:No shit, Sherlock by Anonymous Coward · 2010-05-27 07:43 · Score: 0
  
  They're not!? Crap, I've been using them for a long time now! I hope no one stole anything!
2. Re:No shit, Sherlock by robmv · 2010-05-27 08:37 · Score: 1
  
  no, I do not think PIN = encryption, but I at least hope that casual copying must not be allowed easily. for example, I leave mi phone on my desktop, go to the bathroom, I do not want someone to be able to get my data with just a few seconds of using the device, I know, you can break the device, take the internal memory and get the data, but at least that is not something that could be done in the time I go to the bathroom and I will notice it
  Android (I hope other devices too), at least the Nexus One 2.1 version when you plug the USB cable, you must confirm on the phone screen that you want to mount the device something you can not do if the device is locked , until you do that, it is only charging it. On the Nexus you get access only to the SD Card contents, not the internal databases like contacts, account passwords. You can extract the SD Card, but you will need to remove the battery, at least I will know someone messed with my phone.
  I like the mount confirmation window, just because I can charge it on any random USB port, even on Windows and not be afraid of getting infected files to spread to other people using Windows.
3. Re:No shit, Sherlock by Ruud+Althuizen · 2010-05-27 09:23 · Score: 1
  
  And that is why the PIN is used to access a better encryption key (the AES 256 bit part, see below) to actually encrypt your data. I'm not sure about the source of that, but I believe it is from some /. comment.
  
  --
  **TODO** Steal someone elses sig.
4. Re:No shit, Sherlock by BitZtream · 2010-05-27 09:37 · Score: 1
  
  Entering a PIN unlocks the hardware keys built into the device that allows access to the encrypted parts of the file system.
  The PIN is simply a short password for a RSA/DSA key used for everything else, you know, to do the actual work.
  
  --
  Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
Attempted to duplicate - not quite what they say by __aaaaxm1522 · 2010-05-27 07:43 · Score: 4, Informative

I plugged my iPhone 3GS into my Ubuntu box. While it's true that Ubuntu did automount the iPhone, the only thing I can find that was exposed was my music, photos and podcasts.
I wasn't able to access email, contact info, or anything else on the phone. I did see the Application Archives, PublicStaging, Purchases, and Safari folders but they're empty. I have lots of email and contact info on the device - but it appears to be inaccessible via this method.
RTFA.. by Anonymous Coward · 2010-05-27 07:44 · Score: 5, Informative

From Apple:
Apple iPhone Security Overview [1]:
Data Protection:
Protecting data stored on iPhone is important for any environment with a high level of sensitive corporate or customer information. In addition to encrypting data in trans-mission, iPhone 3GS provides hardware encryption for data stored on the device.
Encryption:
iPhone 3GS offers hardware-based encryption. iPhone 3GS hardware encryption uses AES 256 bit encoding to protect all data on the device. Encryption is always enabled, and cannot be disabled by users.
1. Re:RTFA.. by Anonymous Coward · 2010-05-27 08:22 · Score: 0
  
  Except when plugged into a standard usb port using the cable that came with the device. doh!
2. Re:RTFA.. by Late+Adopter · 2010-05-27 09:56 · Score: 2, Interesting
  
  So when someone rips the flash chips off the board, they can't read them, but when they just, you know, ASK the iPhone for the data, it gives it to them?
  
  Security by friendliness?
3. Re:RTFA.. by Anonymous Coward · 2010-05-27 09:59 · Score: 0
  
  iPhone 3GS offers hardware-based encryption. iPhone 3GS hardware encryption uses AES 256 bit encoding to protect all data on the device. Encryption is always enabled, and cannot be disabled by users.
  A certain online casino platform encrypted all the data that was passed between the clients and the servers. I don't remember the exact algorithm used (it was considered strong at the time) but the key was hardcoded into the source. The platform was provided to several (competing) customers.
4. Re:RTFA.. by Graff · 2010-05-27 12:26 · Score: 1
  
  Data Protection:
  Protecting data stored on iPhone is important for any environment with a high level of sensitive corporate or customer information. In addition to encrypting data in trans-mission, iPhone 3GS provides hardware encryption for data stored on the device.
  Encryption:
  iPhone 3GS offers hardware-based encryption. iPhone 3GS hardware encryption uses AES 256 bit encoding to protect all data on the device. Encryption is always enabled, and cannot be disabled by users.
  Actually if you go directly to Apple's PDF that the quote came from:
  iPhone in Business Security Overview
  You'll see that this specifically refers to iPhones set up using the Enterprise Deployment features. A non-enterprise user does not have these protections enabled by default. If you want these protections you need to see this PDF:
  iPhone OS Enterprise Deployment Guide
  
  --
  Sapere aude!
5. Re:RTFA.. by Anonymous Coward · 2010-05-27 14:41 · Score: 0
  
  mod parent up
PIN can't encrypt by Anonymous Coward · 2010-05-27 07:45 · Score: 0

If they made the PIN encrypt the data it would break every existing iPod-ready music player.
Apple has become a parody of itself. by jedidiah · 2010-05-27 07:47 · Score: 1

This is just too funny.
The latest release of iTunes crashes in my XP VM.
The latest Ubuntu can read an iPhone like a regular iPod again.
So my Ubuntu VM is a better environment for dealing with my iPhone than my XP VM is.
What a hoot.

--
A Pirate and a Puritan look the same on a balance sheet.
1. Re:Apple has become a parody of itself. by MBGMorden · 2010-05-27 08:32 · Score: 1
  
  You probably want to try to diagnose your XP iTunes problem (it works fine when properly setup - I'm using it without issue).
  The latest version of Ubuntu kinda sorta works with the iPod. If you like manually dragging and dropping files to and from the device then it works OK. If you want true syncing capability (rather than manual), or to manage apps on the device, then Windows still works better.
  I'm fully expecting to move to a Droid phone within a few months though which should allow me to move over everything to a complete Linux solution (I'm hoping Nightingale is in a decent release shape by then).
  
  --
  "People who think they know everything are very annoying to those of us who do."-Mark Twain
2. Re:Apple has become a parody of itself. by onkelonkel · 2010-05-27 09:10 · Score: 1
  
  Just slightly off-topic, but if Apple is trying to entice Windows users to the superior Apple experience, you might think they would make sure that i-Tunes, where most Windows users get their first taste of Apple, wasn't such a randomly annoying pain to use.
  
  --
  None of them can see the clouds; The polished wings don't care.
3. Re:Apple has become a parody of itself. by SEE · 2010-05-27 10:33 · Score: 1
  
  Steve Jobs has said that iTunes is the best application for Windows ever. How can you doubt his declaration?
4. Re:Apple has become a parody of itself. by germansausage · 2010-05-27 14:17 · Score: 1
  
  My #1 annoyance is the grid view. I can move every column except the song name which is locked on the far left. WTF?? Any Apple fanbois want to explain that one? Am I the only person who wants to order things by Artist > Album > Track Number > Song Name?
5. Re:Apple has become a parody of itself. by splatter · 2010-05-28 08:26 · Score: 1
  
  No your not the only one. Itunes has frustrated the hell out of me since my first ipod 10+ years ago with this bullshit. I don't understand how hard it is to put some code into the program to allow simple sorting.
  
  --
  "(I) have this unfortunate condition that causes me not to believe a single thing any politician says when a mic's on.
So in other words... by Anonymous Coward · 2010-05-27 07:48 · Score: 0

...Ubuntu is a DRM hacking tool for terrorists? I told you the Linux was anti-American!!!!!
Better not fix it. by ebbomega · 2010-05-27 07:57 · Score: 1

Not being able to talk with Linux is one of the things that has kept me off iPods for years. I finally liked the features of the iPod touch and buckled, and used it in Virtualbox under windows/iTunes (so I didn't have to jailbreak it).
Now, finally, Rhythmbox can seamlessly put music on my iPod. If they take that functionality away, then that oft-publicized letter that Jobs put forth touting open standards as an excuse for not supporting Flash is going to be exposed as pure and utter hogwash.

--
Karma: Non-Heinous
1. Re:Better not fix it. by geekoid · 2010-05-27 09:12 · Score: 2, Informative
  
  There have been Linux tools for getting music on and off the iPod since about a week after the first iPod came out.
  Yeah, Apple doesn't support it, but so what?
  
  --
  The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
Sorry I have to point out by Anonymous Coward · 2010-05-27 07:59 · Score: 0

Woooosh!
1. Re:Sorry I have to point out by egcagrac0 · 2010-05-27 08:42 · Score: 1
  
  Hardly.
  I'm just feeding the troll.
Bad Bad Apple by 99BottlesOfBeerInMyF · 2010-05-27 07:59 · Score: 1

Seriously, they don't encrypt the content of an iPhone by default? I mean, it's not the default on Blackberry, but it's there and Blackberry have been around for a long time. When making a new device, why not build encryption into the filesystem? Apple has all the components already from their desktop and it can't suck that much battery. Now Apple is offering encryption just for e-mail? Really, that isn't good enough. And while I'm at it, Google what's up with you doing the same bloody thing? Come on guys. It's 2010. Encryption should be there by default so if your phone is stolen the data is useless, especially if you're going to offer a remote wipe. Wiping just the keys is a lot faster than hoping they don't turn it off while you wipe the whole drive.
1. Re:Bad Bad Apple by Benanov · 2010-05-27 08:27 · Score: 1
  
  It's encrypted - but the communication protocol is decrypting it for you.
Already fixed in iPhone OS 4.0 by bic2k · 2010-05-27 08:00 · Score: 5, Interesting

Ya, one of the new features in iPhone OS 4.0 is "Data Protection". Specified files for applications are on the fly encrypted and decrypted. The phone has to be unlocked (valid pin entered) to access the data.
Seems like they already handled this issue, unless someone wants to test that on an iPhone with 4.0 running on it...

--
--- its to bad about the monkey, I kinda liked them
1. Re:Already fixed in iPhone OS 4.0 by Nikademus · 2010-05-27 09:01 · Score: 1
  
  Indeed I just tried with my phone running 4.0 beta4 locked, and nothing mounted, then I unlocked it and retried and it automounted like a block device.
  
  --
  I gave up with the idea of an useful sig...
If this was a Sony phone, instad of an Apple one, by Anonymous Coward · 2010-05-27 08:11 · Score: 0

...surely we could expect a firmware update that removes the offending OS?
(I'll leave it to your imagination if that would mean blanking the phone or blanking the Ubuntu Linux computer the phone is attached to)
Captcha: pursed - one of the two states of a female-owned iPhone
And the problem is...? by mikenevans · 2010-05-27 08:18 · Score: 0, Redundant

I plugged my Windows hard-drive into my Ubuntu box and **surprise** "it was automounted with all of the Windows data exposed." I guess there's no security in Windows either? Hmmm, then I did it with an Ubuntu drive on another Ubuntu machine and it's data was exposed too! The truth is that there's no real security in any device when you have physical access to it unless *all* data is encrypted, which I have yet to find ANY operating system that does that.
1. Re:And the problem is...? by Anonymous Coward · 2010-05-27 13:34 · Score: 0
  
  I plugged my Windows hard-drive into my Ubuntu box and **surprise** "it was automounted with all of the Windows data exposed." I guess there's no security in Windows either? Hmmm, then I did it with an Ubuntu drive on another Ubuntu machine and it's data was exposed too! The truth is that there's no real security in any device when you have physical access to it unless *all* data is encrypted, which I have yet to find ANY operating system that does that.
  Doesn't sound like you've actually looked very hard, then. There is software for encrypting the system partitions under GNU/Linux as well as Windows. Obviously, there will be a small section of the unencrypted data necessary to boot the system and load the code necessary to get your encryption key so that it can decrypt the rest of the data to boot the OS.There's no possible/logical way around that short of using hardware based encryption. Of course, you could use a bootable CD or USB drive to store the boot code. Then you can remove it once the system is booted.
  Of course, if someone has physical access to your machine, then there are still several ways they can get your data even if it's using full disk encryption. Especially if the system is running (which obviously requires that it have the encryption key still in memory), or if you ever plan on using the system again in the future (hardware keylogger, modified bootloader/BIOS, etc.). However, at least those are much more cumbersome and outside the technical capabilities of even your above-average criminal.
Re:So? by Anonymous Coward · 2010-05-27 08:24 · Score: 0

You would be surprised of how many PHBs are giving up their Blackberries for iPhones. This is why Apple has gone out of their way to provide not just basic Exchange support [1], but being able to support policies from Active Directory and enforce those on the phone.
[1]: Technically, since Exchange supports POP and IMAP, any client along those lines is good enough.
Re:Attempted to duplicate - not quite what they sa by aaarrrgggh · 2010-05-27 08:24 · Score: 1

...and these things need to be accessible without PIN for compatibility with third party devices. Sounds like Apple just needs to clarify that iPod functions are not encrypted... or offer an option to encrypt them.
Wonder if remote wipe kills this content as well?
Re:Attempted to duplicate - not quite what they sa by Benanov · 2010-05-27 08:25 · Score: 3, Informative

Read the advisory more carefully. You need to turn off your phone, connect it, then boot the phone while it's connected to the Lucid box.
The security check is bypassed at boot, probably assuming the phone needed to be recovered.
problem by Anonymous Coward · 2010-05-27 08:27 · Score: 0

"It has been reported to Apple, but they seem to be having difficulty reproducing the problem."
Let me guess, they don't have any Ubuntu systems.
Or is this one of those things that only works in Apple comps?
Well thats easy to figure out... by Anonymous Coward · 2010-05-27 08:39 · Score: 0

Apple Exec: Ok, lets open up this Ubuntu program and find the exploit!
Apple Employee: Well sir, its an operating system, not a program.
Apple Exec: What?! We aren't putting that ghetto crap on our Macs! Get out of here!
Apple Employee: Sorry guys, we had trouble reproducing the problem.
I had to disable the PIN by Anonymous Coward · 2010-05-27 08:47 · Score: 0

On Ubuntu 10.04, my iPhone 3GS would not mount or show in Rythmbox with the PIN enabled. It took a while to figure out that was the problem.
After the initial pairing, you can re-enable the PIN and it will still mount.
Two kinds of "fix" by Benanov · 2010-05-27 08:52 · Score: 1

There's "fix" as in completely remove the functionality, and "fix" as in allow the proper mounting after the PIN is supplied.
Convenient dodge of the issue. by Benanov · 2010-05-27 08:57 · Score: 1

You're missing the point. The data is supposed to be encrypted. It is not. It's not even protected by the PIN.
1. Re:Convenient dodge of the issue. by H0p313ss · 2010-05-27 09:04 · Score: 1
  
  You're missing the point. The data is supposed to be encrypted. It is not. It's not even protected by the PIN.
  It's not that it wasn't encrypted. What appears to be happening here is the OS politely decrypting the contents and making available to the USB mass-storage interface.
  
  --
  XML is a known as a key material required to create SMD: Software of Mass Destruction
Still a great thing by nurb432 · 2010-05-27 09:07 · Score: 1

If it exposes your media, like the older iPods did, that's a great thing in its own right.

--
---- Booth was a patriot ----
1. Re:Still a great thing by AmonTheMetalhead · 2010-05-27 10:12 · Score: 1
  
  Wait, newer iPods aren't mountable anymore?
Not just Linux by illogic · 2010-05-27 09:33 · Score: 1

You can mount iPhones as disks for free on Mac with "Disk for iPhone" http://code.google.com/p/iphonedisk/ or "Phone Disk" http://www.macroplant.com/phonedisk/
I do it all the time!
Old news ... by BitZtream · 2010-05-27 09:34 · Score: 2, Insightful

Yes, you can get the raw data off without a PIN.
The original phones up until the 3Gs didn't encryption the data.
The 3GS and presumable 4.0 phones encrypted the data using a key that isnt (in theory) directly accessable to anyone outside the phone os and more specifically hardware.
So yes, there have been many ways to get data off 2g and 3g devices. 3Gs and 4.0 devices work in a different way so short of ripping apart a chip to get the key, the best you'll get is an encrypted memory dump which is more or less worthless unless you can get the key out of the hardware.
On older phones with newer OSes a remove wipe destroys the key. Updated versions of the software first destroy the key, then proceed to overwrite the encrypted data itself to make it useless even if you obtained the key somewhere else.
Basically, Apple realized this was studip 2 revisions of the hardware back and has such fixed the issue.
When you unlock the phone, you effectively add the key to the file system keystore so it can decrypt the files.
if you unlock your phone, you have ... unlocked your phone. Whats the difficulty in understanding this?

--
Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
1. Re:Old news ... by batkiwi · 2010-05-27 10:06 · Score: 1
  
  The issue occurs on 3gs devices though.
  This isn't about a memory dump, this is about booting the phone while it's connected, and the firmware recovery bit will give a requesting computer the complete DECRYPTED file system. This is without having to enter in a pin.
Confirmed with first gen iPhone by Culture20 · 2010-05-27 10:42 · Score: 1

This is awesome. I may not upgrade to iPhone OS 4. Oh wait, I can't anyway because I'm first gen. Then I guess I may not upgrade to a iPhone 4G. After this phone dies, I'll choose something more inter-operative like... anything.
1. Re:Confirmed with first gen iPhone by Anonymous Coward · 2010-05-27 23:14 · Score: 0
  
  ...android?
not a friendly dist at all by Anonymous Coward · 2010-05-27 12:04 · Score: 0

breaking an entry is not very frienly.
Re:Attempted to duplicate - not quite what they sa by jackchance · 2010-05-27 12:16 · Score: 1

mod parent up, informative!!!

--
1 1 2 3 5 8 13 21 34 55 89 144 233 377 610 987 1597 2584 4181 6765
Physical security is still king. by zerofoo · 2010-05-27 12:49 · Score: 1

A long time ago I learned that all other security comes after physical security. Without physical security, nothing else matters. Apple should remember this when giving out prototype next gen products to employees. -ted
Original iPhone too. by Anonymous Coward · 2010-05-27 13:06 · Score: 0

It's not just the 3GS, it also Lucid Lynx also exposes the filesystem on an original iPhone. It just as if I plugged my iPod into the machine. And what's really cool/funny, is that Ryhythmbox displays all of the music.
First they loose a phone in a bar and then 10.04 exposes it's guts. Someone is asleep at the keyboard!
Of course they can't reproduce it... by MisterE · 2010-05-27 14:11 · Score: 1

Of course they can't reproduce it... .. somebody at Apple has to own a Linux system first.
Encryption? by garphik · 2010-05-27 15:15 · Score: 1

I thought these devices would have encrypted the files in filesystem that is why the PIN... Seems odd
Interface dweebs by Anonymous Coward · 2010-05-27 17:08 · Score: 0

...but the company seems to be having difficulty reproducing the problem.
When they saw the terminal console, their heads subsequently exploded from deprivation of Apple's Glorious and Holy User Interface.
Re:Attempted to duplicate - not quite what they sa by __aaaaxm1522 · 2010-05-27 17:22 · Score: 1

Benanov: Read my post more carefully (and the original article) before you tell me to read more carefully.
I did exactly what was described in the security advisory and saw the exact same thing they did. I'm just pointing out that almost no "personal" data was exposed (by "personal", I mean emails, calendar and contact info). Your music & photos are up for grabs, and that's not a good thing. But far less damaging than full access to my email accounts as far as I'm concerned.
Re:Attempted to duplicate - not quite what they sa by __aaaaxm1522 · 2010-05-27 17:25 · Score: 1

Besides, don't most people *want* access to their media on the iPhone/iPod? Remember when you could mount old iPods as drives and access the music on them (there was no "security check" there either). Well, this seems to be the same thing, albeit unintentional (or is it?)
Re:Attempted to duplicate - not quite what they sa by kolcon · 2010-05-27 18:42 · Score: 1

Maybe it is enough to put Mr. proper chmod on the folders?
From Iphone3G API documentation... by SharpFang · 2010-05-27 23:34 · Score: 2, Insightful

You can't blame Apple for Ubuntu mis-implementing the API and skipping a step described as mandatory.
From Iphone3G API documentation...
7.4 Mounting the phone filesystem over USB
(...)
User authentication must be assured to mount encrypted filesystem. A call to validatePIN() method is a mandatory step before attempting to acquire the system key and mounting the filesystem. A typical scenario of mounting the filesystem goes like this:
IphoneSecurity& sec = Iphone::Security(); IphoneSecurity::EncKey key = NULL; IphoneIO::Partition mp = NULL;
if(sec.validatePIN() == true) { key = sec.getEncKey(); mp = sec.mount(device,mountpoint,options,key); } else { //error handling }
it's a spoof, dummies

--
45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
1. Re:From Iphone3G API documentation... by Anonymous Coward · 2010-05-28 03:56 · Score: 0
  
  You can't blame Apple for Ubuntu mis-implementing the API and skipping a step described as mandatory.
  So wait, if I get money out of an ATM by skipping the step where I put in my card, it's my fault, not the maker of the ATM?
2. Re:From Iphone3G API documentation... by SuiteSisterMary · 2010-05-28 05:32 · Score: 1
  
  You can't blame Apple for Ubuntu mis-implementing the API and skipping a step described as mandatory.
  Yes, you can. Failing to provide a token when a token is required should result in no access, not in full or near-full, or even partial, access.
  
  --
  Vintage computer games and RPG books available. Email me if you're interested.
3. Re:From Iphone3G API documentation... by Anonymous Coward · 2010-05-28 20:17 · Score: 0
  
  read the last line of that post, dummy.
Re:Sounds like a feature for epSos.de by Anonymous Coward · 2010-05-28 02:01 · Score: 0

Futurama Quote ?
1st Generation iPhone by Anonymous Coward · 2010-05-28 03:10 · Score: 0

I noticed this on my first generation iPhone after I upgraded to Lucid. The file names are hashed, so I have to look at each file's properties to find that ASDFKJ.mp3 really is "Fire" song by Fiji.
Apple implements STA by stickmaster_flex · 2010-05-28 04:17 · Score: 1

Security Through Arrogance.
Warranties. by ebbomega · 2010-05-28 05:54 · Score: 1

If I jailbreak my iPod touch, my warranty is voided. That's what.

--
Karma: Non-Heinous
goodluckwiththat by ebbomega · 2010-05-28 05:57 · Score: 1

You really think they'll do the latter? It seems like it would just take a lot less man-hours (read: money) to just make it so that you provide the PIN through the only platform available (read: iTunes) to do so, thus negating the user experience for anybody not on Windows or Mac.

--
Karma: Non-Heinous
The data is encrypted... by aristotle-dude · 2010-05-29 10:09 · Score: 1

What happened here is someone reverse engineered the protocol tools for communicating with the iPhone on Ubuntu and the data is decrypted on the fly.
This flaw can be defeated with a remote wipe which you can do if your phone is either setup with the Mobileme "find my iphone" feature or provisioned through exchange.
Apple will have to implement a key exchange protocol and keep that closed source. Every security measure can eventually be discovered but providing the source is giving a major head start for the would be hacker to try brute force attacks against a known implementation.

--
Jesus was a compassionate social conservative who called individuals to sin no more.