Hacker Claims iPhone 3GS Encryption Feature is Useless

News | Friday July 24 2009 3:34 AM | Comments (0) Tags: , , , , ,

He has also published the iPhone Open Application Development book to
develop unofficial native iPhone applications using the iPhone open
source tool chain.
According to him the new iPhone 3GS encryption feature can be cracked in two minutes with some freeware programs.
“It is kind of like storing all your secret messages right next to the secret decoder ring. “I don’t think any of us [developers] have ever seen encryption
implemented so poorly before, which is why it’s hard to describe why
it’s such a big threat to security.”
He also claims that accessing sensitive information on the iPhone is as easy as it was with iPhone 3G and the first generation iPhone (iPhone 2G) that don't have the hardware encryption feature. If a thief got hold of an iPhone , he believes it would be very easy for him to extract the user's data using freeware programs.
Zdziarski demonstrated a technique to Wired.com where he was able to get access to iPhone 3GS data quite easily and the encryption did not pose any hindrance.
He also pointed out that the remote wipe feature would not be useful as an intelligent criminal would remove the SIM card to avoid the remote wipe command from coming through, if the sole intention of stealing the iPhone was to gain access to the user's sensitive data.
rather than relying on iPhone 3GS's hardware encryption feature.
“If they’re relying on Apple ’s security, then their application is
going to be terribly insecure. Apple may be technically
correct that [the iPhone 3GS] has an encryption piece in it, but it’s
entirely useless toward security.”
Apple hasn't commented on the hacker's claim so far. But these are serious allegations, it will be interesting to see what Apple has to say about them.
As always, please let us know your thoughts in the comments section below.

No Comments »

No comments yet.

RSS feed. TrackBack URI

Leave a comment

You must be logged in to post a comment.