iPhone 3Gs Encryption Cracked In Two Minutes

An anonymous reader writes "In a Wired news article, iPhone Forensics expert Jonathan Zdziarski explains how the much-touted hardware encryption of the iPhone 3Gs is but a farce, and demonstrates how both the passcode and backup encryption can be bypassed in about two minutes. Zdziarski also goes on to say that all data on the iPhone — including deleted data — is automatically decrypted by the iPhone when it's copied, allowing hackers and law enforcement agencies alike to access the device's raw disk as if no encryption were present. A second demonstration features the recovery of the iPhone's entire disk while the device is still passcode-locked. According to a similar article in Ars Technica, Zdziarski describes the iPhone's hardware encryption by saying it's 'like putting privacy glass on half your shower door.' With the iPhone being sold into 20% of Fortune-100s and into the military, just how worried should we be with such shoddy security?"
  • by gig ( 78408 ) on Friday July 24, 2009 @07:20PM (#28814387)

    Until the Fortune 500 and the military stop using Microsoft products, I won't lose a blink of sleep over them using Apple products. This guy had to have physical access to the iPhone to crack it, and even then the iPhone did not start sending its data out over the Internet along with a virus payload that formed a massive botnet that crippled Internet bandwidth.

    My understanding is that the encryption in the 3GS is not meant to prevent a user with physical access to the device from accessing the data. It's to make Remote Wipe instant instead of taking 1 hour per gigabyte because the Remote Wipe only has to destroy the decryption keys, not every bit of data on the disk. When you Remote Wipe an iPhone 3G it takes 1 hour per gigabyte to destroy the data. With a 3GS, it takes a few seconds.

    In this case, the hacker not only had the iPhone in his physical possession, but it was not Remote Wiped, so he also had the keys in his possession. How is it at all surprising that he was able to get in?

  • by Yeorwned ( 1233604 ) on Friday July 24, 2009 @07:29PM (#28814467)
    Apple with poor security? No way! Oh wait, their operating system does have almost 4 times the number of critical vulnerabilities that M$ XP has, every single year since its release. Impressive record.
  • Re:interesting (Score:5, Informative)

    by PnjDbq ( 1240308 ) on Friday July 24, 2009 @08:04PM (#28814769)
    The iPhone starts injecting time delays into the login/wipe process, I believe after the first 5 incorrect attempts. First one minute, then 5 minutes, and I have never had the patience to watch much beyond that. You can still sabotage the phone, but it's not fast.
  • by wealthychef ( 584778 ) on Friday July 24, 2009 @08:33PM (#28814963)
    Laugh, but this actually is the new feature as designed. This encryption was added to make it possible to remotely wipe an iPhone in seconds. (Delete the encryption key that is on the phone, no more reading the data off of it.) Apparently the intent was not to protect the data on the phone from a real attacker, I don't think anyone at Apple that worked on this would expect that to be the case with the encryption key on the device. (stolen from an AC because it's interesting)
  • Re:interesting (Score:3, Informative)

    by Gnavpot ( 708731 ) on Friday July 24, 2009 @08:48PM (#28815069)

    ...unless you've got it set to delete all data on your phone after 10 incorrect attempts.

    You are assuming that the attacker does not use his own software for extracting and decrypting the data?

    That assumption is usually one of the first and most obvious traps people fall into when they try to invent a new protection method.

    But perhaps the assumption will hold in this particular case. I don't know if it is possible to extract the encrypted data from an iPhone and decrypt them elsewhere.

  • Re:interesting (Score:3, Informative)

    by Minupla ( 62455 ) <minupla@noSpaM.gmail.com> on Friday July 24, 2009 @08:56PM (#28815123) Homepage Journal

    That's how my work Blackberry is configured - if I enter my PIN wrong too many times, it self wipes. All my data is gone. Until I either plug it in to my workstation at work, and it restores from the backup, or I call in and get a new activation pin assigned and do a wireless sync. It's a bit of a pain in the butt when it happens, but seems like a reasonable trade off. Of course the BB has a good keyboard, so I don't mistype often :)

    That being said, I do lust after an iPhone for personal use, but I would not at this point recommend we use them for corporate work, too much risk. My personal data is less valuable, as I don't carry around sensitive emails.

    Min

  • Reader Fail (Score:3, Informative)

    by marshzd ( 1605229 ) on Friday July 24, 2009 @09:24PM (#28815281)
    This is a pisspoor attempt at trying to discredit Apple for a CONSUMER product. Spore was hacked two weeks before the game was released. The Sony PSP has been hacked since the beginning of its formation. The X-Box was not only hacked to put in bigger drives, but also was hacked to put Linux on it (which took a little longer but still). Windows XP is easily hacked by booting up in Safe Mode, you have immediate free admin access to add users and change passwords. Windows Vista/2000(2003) Server are all hackable with a quick Linux boot CD, takes about three minutes (I've done this multiple times on many machines). You can either change the password, or just load all the person's files onto an external drive (I usually do this for when someone's Windows dies but you could easily take all their information unencrypted right off). Every consumer device and software product is usually hacked before it's even released, if not shortly after it's released. The fact that this article was just barely posted actually makes me wonder how stupid they are for failing this long at trying to break a consumer product. I've never seen a single ad for the iPhone, PSP, or X-Box advertising their "security". They generally intentionally have loopholes because they realize that users (like the person who wrote this article) are freaking idiots and are going to lock themselves out. The biggest loophole is having an admin user (:O) reset their password. And getting that password from them is as simple as starting their pubes on fire if not using the previously mentioned boot disk to simply wipe the password and log in. This isn't any sort of fail on Apple's part. They can't handle everything in the universe on their phone. Nor was it PSP's fail when it got hacked. Or Windows when it gets hacked. There's BLATANT fails that generally get fixed, but not really any here. Sorry folks, move along.
  • by nxtw ( 866177 ) on Friday July 24, 2009 @09:27PM (#28815305)

    If that Blackberry is just sitting there, even asking for a passcode, is it still receiving and storing data?

    Yes. But the BlackBerry doesn't store the encryption key in-the-clear like the iPhone 3G S does, and you can't run arbitrary code on a BlackBerry just by plugging it in to a PC.

    Maybe a Blackberry has a hardened mode, where it goes inert when you lock it, where it won't receive data because it has forgotten the key to its own storage.

    In fact, it does. BlackBerries even have an option to not encrypt the address book so you can have names appear on caller ID while the device is locked.

    Either way, if you only have to enter a 4-digit number to get in, then even if the device slows down accepting PINs after a while

    No; the BlackBerry (or even the iPhone!) would be configured to wipe the device after a few invalid password attempts. My (corporate managed) BlackBerry wipes the device after 10 invalid password attempts, and my password is longer than 4 characters (and includes non-digits.)

  • by afidel ( 530433 ) on Friday July 24, 2009 @09:32PM (#28815323)
    The Blackberry allows real passwords not 4 digit pins and it has policies to wipe the device after so many bad password attempts. Since the data is all in the corporate email system and can easily be re-uploaded to a new device there's no downside to this, this is very different from the consumer oriented iPhone.
  • Commenter Fail (Score:2, Informative)

    by CaptainJeff ( 731782 ) on Saturday July 25, 2009 @02:27PM (#28820297)
    Interesting how your argument is that Apple considers the iPhone a CONSUMER device, but markets it, also, as a BUSINESS/ENTERPRISE device.

    http://www.apple.com/iphone/business/

    It's odd that Apple would get a pass on not properly securing their CONSUMER phone that is also marketed as "the best phone for business."
