Ubuntu Lucid Lynx 10.04 can read your iPhone's secrets

Summary: Do you have a PIN code on your iPhone? Well, while that might protect you from someone making a call or fiddling with your apps, it doesn't prevent access to your data ... as long as the person doing the snooping around is using Ubuntu "Lucid Lynx" 10.04.

Security experts Bernd Marienfeldt and Jim Herbeck discovered something really interesting when they hooked up a non-jailbroken, fully up-to-date iPhone 3GS to a PC running Lucid Lynx. In Marienfeldt's words:

I uncovered a data protection vulnerability [9], which I could reproduce on 3 other non-jailbroken 3GS iPhones (MC131B, MC132B) with different iPhone OS versions installed (3.1.3-7E18, modem firmware 05.12.01, and 3.1.2-7D11, modem 05.11.07), all PIN-code protected, which means the vulnerability bypasses authentication for various data where people most likely rely on data protection through encryption and do not expect that authentication is not in place.

This is what you get via an automount without any PIN request:

This data protection flaw exposes music, photos, videos, podcasts, voice recordings, the Google Safe Browsing database, game contents… by, in my opinion, the quickest compromising read/write access discovered so far, without leaving any track record by the attacker. One can only imagine how many enterprises (e.g. Fortune 100) actually rely on the expectation that their iPhone 3GS's whole content is protected by encryption, with PIN-code based authentication in place to unlock it.

This, quite honestly, is a staggering flaw. It allows anyone capable of driving a Linux PC to copy data off an iPhone without the owner having any idea that this has happened. Nothing exotic is going on at the Ubuntu end: 10.04 ships libimobiledevice, so the desktop automounts the phone's media share (the same AFC service iTunes uses to sync) the moment the cable goes in. The passcode gates the touchscreen, not that USB service, and the 3GS's hardware encryption is transparent to anything the phone itself hands out, so "encrypted" buys nothing here. Note the scope, though: the share covers the media area (photos, music, recordings and the like), not mail, contacts or the keychain, which is why those are absent from the list above.

What's more worrying is that Marienfeldt and Herbeck think that getting beyond this media share to write access over the rest of the iPhone is only a buffer overflow away, which would mean serious access.
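To make the behaviour described above explicit, here is an added example (not code from the article or from Marienfeldt and Herbeck) that performs the same plug-in-and-read check from the command line, step by step, with the libimobiledevice tools Ubuntu 10.04 used under the hood instead of relying on the desktop automounter. The tool names, flags and the PasswordProtected key are taken from the libimobiledevice and ifuse CLIs as I know them; the ideviceinfo sample embedded in the script is constructed, not captured from a phone.

```shell
#!/usr/bin/env bash
# Added example, not code from the ZDNet article or from Marienfeldt/Herbeck.
# Reproduces the "plug in and read" check from the command line instead of
# through the GNOME automounter, so each step (pair, query, mount) is visible.
# Assumes the libimobiledevice CLI tools (idevice_id, idevicepair, ideviceinfo)
# and ifuse are installed and usbmuxd is running; these are the same components
# behind Ubuntu 10.04's iPhone support. Lock the phone before running.

# Print the value of one "Key: Value" line from an `ideviceinfo` dump on stdin.
lockdown_value() {
    awk -v k="$1" -F': ' '$1 == k { print $2; exit }'
}

# Turn the three observations into a one-line verdict.
#   $1 pair_ok  yes|no                 did lockdownd pair with the locked phone
#   $2 passcode true|false|unknown     the PasswordProtected key
#   $3 mounted  yes|no                 did ifuse mount the media share
verdict() {
    local pair_ok=$1 passcode=$2 mounted=$3
    if [ "$pair_ok" != yes ]; then
        echo "protected: lockdownd refused to pair while locked"
    elif [ "$passcode" != true ]; then
        echo "inconclusive: PasswordProtected=$passcode, set a passcode and lock the phone before testing"
    elif [ "$mounted" = yes ]; then
        echo "EXPOSED: paired and mounted the media share without a passcode prompt"
    else
        echo "paired but mount failed, inspect ifuse output"
    fi
}

check_locked_device() {
    local udid pair_ok=no passcode=unknown mounted=no mnt
    udid=$(idevice_id -l 2>/dev/null | head -n 1)
    if [ -z "$udid" ]; then
        echo "no device attached" >&2
        return 2
    fi
    # Step 1: pairing. On iPhone OS 3.x lockdownd paired a locked phone without
    # asking; the question is whether the phone in front of you still does.
    if idevicepair -u "$udid" pair >/dev/null 2>&1; then
        pair_ok=yes
        passcode=$(ideviceinfo -u "$udid" 2>/dev/null | lockdown_value PasswordProtected)
        [ -n "$passcode" ] || passcode=unknown
    fi
    # Step 2: mount the AFC media share the way the desktop did. Read-only, so
    # the check itself writes nothing to the phone.
    if [ "$pair_ok" = yes ]; then
        mnt=$(mktemp -d)
        if ifuse -u "$udid" -o ro "$mnt" 2>/dev/null; then
            mounted=yes
            echo "readable with the phone locked:"
            ls "$mnt"          # expect DCIM (photos), Recordings (voice memos), ...
            fusermount -u "$mnt"
        fi
        rmdir "$mnt"
        # Remove the host-side pairing record. The phone keeps its own copy of
        # the record, so "leaves no trace" holds for the files, not the pairing.
        idevicepair -u "$udid" unpair >/dev/null 2>&1
    fi
    verdict "$pair_ok" "$passcode" "$mounted"
}

# Constructed sample of an ideviceinfo dump (not captured from a real phone),
# used to exercise the parser without hardware.
SAMPLE_INFO='DeviceName: Test iPhone
ProductType: iPhone2,1
ProductVersion: 3.1.3
PasswordProtected: true'

# Only touch hardware when asked explicitly: bash iphone_lock_check.sh --run
if [ "${1:-}" = "--run" ]; then
    check_locked_device
fi
```

Run it with `--run` while the phone is passcode-locked and the screen is off. An "EXPOSED" verdict is the article's finding reproduced deliberately; a "protected" verdict means lockdownd would not pair with the locked phone, which is where a fixed device stops the procedure. The unpair step matters for the "no trace" claim in the quote: the host-side record is removed, but the phone retains its own pairing record, so the files were read silently while the pairing itself was not entirely invisible.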

Talkback

82 comments
  • RE: Ubuntu Lucid Lynx 10.04 can read your iPhone's secrets

    Is this only valid for the 3GS? I am going to test if it works on my 3G as soon as I get home...
    james.kilby@...
  • RE: Ubuntu Lucid Lynx 10.04 can read your iPhone's secrets

    There goes my bloody iPhone sync capability.
    ssj6akshat
    • RE: Ubuntu Lucid Lynx 10.04 can read your iPhone's secrets

      @ssj6akshat
      Yeah, I was all excited because it did work... don't think I'm gonna be upgrading to the latest iPhone OS.
      nickdangerthirdi@...
  • And in other shocking news, tech experts reveal

    that someone having direct physical access to your computer can compromise it...
    frgough
    • Except...

      @frgough

      *Nobody did anything*.

      All they did was hook it up to an Ubuntu box. And the iPhone automounted without saying "boo". No challenge, no refusal, no *nothing*.

      This wasn't a case of physical access allowing a hack, this was a case of the iPhone not having any security *AT ALL*. There's no defending this.

      Apple doesn't have any security on the iPhone. Not when anybody can plug it in and download the phone *without* challenge, *without* security authorization, *without* the phone making a peep of protest.

      Get it now?

      Jeez, Apple apologists...
      wolf_z
      • RE: Ubuntu Lucid Lynx 10.04 can read your iPhone's secrets

        @wolf_z Knowing Apple, I think they will block Linux users instead of providing security patches.
        ssj6akshat
      • RE: Ubuntu Lucid Lynx 10.04 can read your iPhone's secrets

        Did they hook it up without physical access?
        msalzberg
      • The iPhone is a security nightmare

        @wolf_z
        First it lies to Exchange about encrypting data, then it turns out that the encryption it uses can be broken in about 5 seconds, now it turns out that a PIN designed to keep people out doesn't even *try* to perform as advertised. All those morons apologizing about physical access forget that *this is what the PIN was designed to do*. Apple *failed*. If physical access *of a mobile device* is no big deal, why bother with the whole PIN thing at all?

        Apple apologists are the biggest idiots on ZDNet.
        NonZealot
      • RE: Ubuntu Lucid Lynx 10.04 can read your iPhone's secrets

        @wolf_z it is a well-known fact in the computer security field that if you have physical access to a computer, you can compromise it. Even password-protected data will fall to password guessing software.

        I am also willing to bet that if you don't have any Apple software loaded, you can probably get any OS that supports USB storage to mount an iPhone.

        I'm not an "Apple apologist", I do own two Macs, they both sit in my storeroom waiting for me to wipe them and sell/give them away.
        Farrell.McGovern
      • RE: Ubuntu Lucid Lynx 10.04 can read your iPhone's secrets

        @wolf_z "*Nobody did anything*.

        All they did was hook it up to an Ubuntu box. And the iPhone automounted without saying "boo". No challenge, no refusal, no *nothing*."

        I think his point wasn't that Apple screwed the pooch on security, his point was when you have direct physical access to any device the security can be compromised, and they *did do something*: they had to plug it in. It's not like they were able to do this over a Wi-Fi connection. You have to physically connect it to an Ubuntu box. I don't really recall him apologizing for Apple... just stating a well-known fact...
        nickdangerthirdi@...
      • Apologist / Apologize

        @nickdangerthirdi

        Just FYI, apologist in this context has nothing to do with "apologizing."

        Type "define:apologist" into any Google search field.
        midenginedrift
      • RE: Ubuntu Lucid Lynx 10.04 can read your iPhone's secrets

        @wolf_z and NonZealot - What you do not get is that one has to have physical access to the device AND be running Ubuntu Lucid Lynx... which is what, 6-10 people?

        Yes it IS an issue and one that Apple needs to fix - but calling people morons and apple apologists is not fixing the issue and just making you look like trolls.
        athynz
      • RE: Ubuntu Lucid Lynx 10.04 can read your iPhone's secrets

        @msalzberg

        Hey msalzberg! Ya, of course they hooked up without physical access! They put on their tinfoil hats, hit their computer's fluorescent purple Whoopee button and away they went!!

        Don't ask ludicrous questions that you already know the answer to. Wake up and take a whiff of reality for a minute. A P.I.N. for security is created exactly for the eventuality of preventing someone who HAS PHYSICAL POSSESSION of the item from gaining easy access to it. Just like a credit card or banking card. Figure it out, pal. Joe Blow Bossman isn't afraid to leave his iPhone lying around on his desk from time to time because it's P.I.N. protected and nobody can get into it and mess with his data. In walks Jimmy the Geek Employee with his Lucid Lynx equipped netbook. Bingo Bango Bongo and the Geek has copies of all Bossman's data. Bossman comes back in to find his iPhone lying right where he left it. And he's never going to know Jimmy got his data.

        This is bloody terrible.

        And yes, I have an iPhone 3G. Wake up chum.
        Cayble
    • Not necessarily.

      @frgough

      Have you ever heard of volume encryption? If done properly it prevents access to your data by anyone having physical access to your machine.

      Until today I never heard of a case where it didn't work. I guess this is another Apple innovation, those Apple guys just can't seem to stop innovating.
      OS Reload
    • How often is your computer taken onto a taxi?

      @frgough
      If you can't see the difference between physical access of a desktop / server where physical security can be heavily controlled and physical access of a mobile device where physical security can't be controlled then you are a bigger moron than you constantly make yourself out to appear, and that is saying a lot.
      NonZealot
      • Indeed

        @NonZealot

        Indeed. At least with most desktops you'd have building security to get past. Between Laptops, and iPhones which are carried everywhere... I'd think there's a larger possibility of iPhones getting lost or stolen simply because of their size. Just ask Apple.

        Now if the one thing that's supposed to get in the way of accessing the data stored on them does nothing, well that's just inexcusable.
        Badgered
    • RE: Ubuntu Lucid Lynx 10.04 can read your iPhone's secrets

      @frgough

      I guess if you lose your iPhone you don't expect its security measures to protect your data, and that's why this isn't a big deal to you?
      tikigawd
    • RE: Ubuntu Lucid Lynx 10.04 can read your iPhone's secrets

      @frgough
      "that someone having direct physical access to your computer can compromise it... "

      Really, because in the ads for the iPhone Apple basically says the opposite - that even if your iPhone falls into the wrong hands, it will be safe. I mean, it isn't like anybody ever loses an iPhone now, is it? Or even loses 2 brand new prototypes in a week...
      frankenstone
  • yes, but

    At least you're all still protected from the evil that is Flash! ;)
    bmgoodman
  • Am I missing the point? Isn't this common to all smartphones?

    See what you get with your E71 Adrian, yes?
    What is compromised?
    Hang onto your device and don't let go of it!
    Dietrich T. Schmitz, ~ Your Linux Advocate