iPhone 3GS crypto easy to crack, expert warns

Corporations should think twice about using the iPhone 3GS, according to an expert who has shown how easy it is to crack the encryption on the device.
Written by Elinor Mills, Contributor
The encryption functionality of the iPhone 3GS is so easy to crack that it is essentially "broken" when it comes to protecting sensitive personal data such as credit card numbers, according to a forensics expert and iPhone developer.

"I don't think any of us [developers] have ever seen encryption implemented so poorly before, which is why it's hard to describe why it's such a big threat to security," Jonathan Zdziarski told Wired.

With physical access to an iPhone 3GS and some free software, data can be extracted within two minutes and an image of the entire raw disk in about 45 minutes, he said. The iPhone decrypts the data on its own once the extraction has begun, Zdziarski explained in a video demonstration.

Apple has been touting the encryption and other features to entice corporate users to the device.

Nearly 20 percent of Fortune 100 companies have purchased 10,000 or more iPhones per company, the company said on its financial results conference call on Tuesday.

This article was originally published on CNET News.

Editorial standards