Slashdot Mirror

← Back to Stories (view on slashdot.org)

iPhone's PIN-Based Security Transparent To Ubuntu

Posted by timothy on from the so-I-hope-you-were-using-pig-latin dept.

ndogg writes "Security experts found that the iPhone 3GS has very little security, even with a PIN set up. They plugged one into Ubuntu 10.04, and it was automounted with almost all of the iPhone's data exposed. This has been reported to Apple, but the company seems to be having difficulty reproducing the problem."

15 of 264 comments (clear)

  1. Sounds like a feature by kthreadd · · Score: 5, Insightful

    So the problem is that the memory of the iPhone is mounted and that the data is exposed? I may not understand this exactly but hasn't the argument been for many years now that iPods couldn't be directly mounted like that?

    1. Re:Sounds like a feature by stagg · · Score: 5, Funny

      Critical bug! Product too versatile -- works with non-Apple operating systems.

    2. Re:Sounds like a feature by marcansoft · · Score: 5, Informative

      They're not a block device, so you can't mount their filesystem as such. Instead, they're effectively network drives: the proprietary AFC file transfer protocol tunneled over a hugely mutilated version of TCP stuffed into USB packets. Which you can mount under Linux, using FUSE and the appropriate apps (usbmuxd, libimobiledevice, and ifuse). I maintain usbmuxd.

      Apparently Apple relies on security through obscurity here (only their apps are usually able to talk to an iDevice), and the actual protocols aren't secured.

      Incidentally, this is where the term "jailbreaking" comes from: breaking out of the AFC filesystem jail (which is usually limited to the user's data partition). Jailbreaking's original feature was to introduce a secondary AFC share with root privileges on the root directory, and jailbreaks to this day still do. You can use ifuse --root under Linux to mount this secondary share.

    3. Re:Sounds like a feature by fuzzyfuzzyfungus · · Score: 5, Interesting

      I have to wonder what sort of testing Apple(didn't) do here. If it is possible for a linux machine to mount the filesystem, then setting a PIN clearly has no effect at all on the device's access control of that filesystem. Even if plugged into a mac or PC running iTunes, the data should be equally accessible.

      Either they simply didn't feel the need to make the PIN actually do much more than lock the screen(arguably fairly misleading), or next to no testing was done, or (even worse), setting the PIN also sets some sort of "politely ignore the data you could easily access" flag, that iTunes obeys and the third-party implementations don't.

    4. Re:Sounds like a feature by marcansoft · · Score: 5, Informative

      Correct. I wrote most of the usbmuxd implementation that we use on Linux as a clone of Apple's version. In fact, you should (as of yesterday) be able to compile libusbmuxd and libimobiledevice and maybe even ifuse (with macFUSE?) and use them together with Apple's usbmuxd on OSX to pull off this hack there. Heck, I think at least libusbmuxd and libimobiledevice should even build on Windows these days (Apple provides a Windows version of usbmuxd with iTunes).

    5. Re:Sounds like a feature by greatica · · Score: 5, Funny

      Breaking into an Apple device: "it just works."

    6. Re:Sounds like a feature by marcansoft · · Score: 5, Informative

      The iPhone 3GS supposedly uses whole-disk encryption. This does squat when your USB comms protocol doesn't request authentication though, since you can pull the data off through the iPhone kernel's transparent decryption layer.

      In other words, this hack has nothing to do with encryption and everything to do with an insecure protocol that makes no attempt to actually request PIN authentication before handing over all your data. Nobody expected your PIN to actually act as key for encryption anyway; that's impossible, as the iPhone has to be able to access your data even while locked.

    7. Re:Sounds like a feature by Mike+Buddha · · Score: 5, Informative

      The filesystem IS encrypted, but the OS happily decrypts everything for you without any form of authentication. That's the story here.

      --
      by Mike Buddha -- Someday the mountain might get him, but the law never will.
  2. This is not Apple's problem. by gimmebeer · · Score: 5, Funny

    It is a security problem with Ubuntu and should be fixed by their dev team before they are sued for hacking. Afterall, the iPhone was not meant to be connected to anything other than Apple software.

  3. And? by lennier1 · · Score: 5, Insightful

    Will their fix consist of actually making the device more secure or will they just try to make it harder use it with Linux systems?

  4. RTFA.. by Anonymous Coward · · Score: 5, Informative

    From Apple:

    Apple iPhone Security Overview [1]:

    Data Protection:

    Protecting data stored on iPhone is important for any environment with a high level of sensitive corporate or customer information. In addition to encrypting data in trans-mission, iPhone 3GS provides hardware encryption for data stored on the device.

    Encryption:

    iPhone 3GS offers hardware-based encryption. iPhone 3GS hardware encryption uses AES 256 bit encoding to protect all data on the device. Encryption is always enabled, and cannot be disabled by users.

  5. Re:Wow. by Anonymous Coward · · Score: 5, Funny

    I think that this is just ridiculous and just more evidence that Linux users are nothing but criminals and thieves and open source should just be outlawed. It is this "free" software that engenders this attitude of laissez-faire we can do whatever we like without paying for anything that is the direct cause of security breaches such as this with the iPhone. The fact that open sores can continue to exist despite the hundreds of intellectual thefts in the form of Microsoft's patents, Fraunhofer Institutes patents with the mp3 players, Unix copyright thefts.

    Don't you freetards get it? If you want something, you have to pay for it. And 100 dollars for something as great as an OS isn't that much. Look at the great things Bill Gates has done with his Windows money. Furthermore, you can't just steal it and expect to always get away. How are developers supposed to be paid? How is the US economy supposed to grow if its greatest companies like MS, Apple, SCO, Oracle, IBM, etc. are brought down by this communist freeware? If I had my way, you'd all be hunted down and put under the jail.

  6. Already fixed in iPhone OS 4.0 by bic2k · · Score: 5, Interesting

    Ya, one of the new features in iPhone OS 4.0 is "Data Protection". Specified files for applications are on the fly encrypted and decrypted. The phone has to be unlocked (valid pin entered) to access the data.

    Seems like they already handled this issue, unless someone wants to test that on an iPhone with 4.0 running on it...

    --
    --- its to bad about the monkey, I kinda liked them
  7. Re:Wow. by VGPowerlord · · Score: 5, Funny

    It's OK, Steve. It's OK. No need to start throwing chairs here.

    --
    GLaDOS for President 2016! "Well here we are again. It's always such a pleasure." -- GLaDOS, 2011
  8. Re:Hard drive by Anonymous Coward · · Score: 5, Informative

    Here you have gone from saying there is no way to remove the storage (+5 Informative, haha), to saying there is a viable way to remove the storage. Kudos to you, sir. Now, where's my +5 Informative?