
iPhone 3Gs Encryption Cracked In Two Minutes

An anonymous reader writes "In a Wired news article, iPhone Forensics expert Jonathan Zdziarski explains how the much-touted hardware encryption of the iPhone 3Gs is but a farce, and demonstrates how both the passcode and backup encryption can be bypassed in about two minutes. Zdziarski also goes on to say that all data on the iPhone — including deleted data — is automatically decrypted by the iPhone when it's copied, allowing hackers and law enforcement agencies alike to access the device's raw disk as if no encryption were present. A second demonstration features the recovery of the iPhone's entire disk while the device is still passcode-locked. According to a similar article in Ars Technica, Zdziarski describes the iPhone's hardware encryption by saying it's 'like putting privacy glass on half your shower door.' With the iPhone being sold into 20% of Fortune-100s and into the military, just how worried should we be with such shoddy security?"
This discussion has been archived. No new comments can be posted.

  • figures... (Score:2, Insightful)

    by omegakidd ( 592638 ) on Friday July 24, 2009 @07:13PM (#28814319)
    who would trust phones nowadays anyways?
  • Re:Apple blows. (Score:4, Insightful)

    by SomeJoel ( 1061138 ) on Friday July 24, 2009 @07:15PM (#28814345)
    I am confused. Does it suck, or does it blow? These are opposites, are they not?
  • by MooseMuffin ( 799896 ) on Friday July 24, 2009 @07:16PM (#28814359)

    Let's not leave out the crappy job that the military and these enterprises did with their security audits.

  • by nxtw ( 866177 ) on Friday July 24, 2009 @07:24PM (#28814429)

    In this case, the hacker not only had the iPhone in his physical possession, but it was not Remote Wiped, so he also had the keys in his possession. How is it at all surprising that he was able to get in?

    Because if that same hacker had a Blackberry in his possession with encryption enabled, he would not be able to get in.

  • security theatre (Score:5, Insightful)

    by drDugan ( 219551 ) on Friday July 24, 2009 @07:27PM (#28814445) Homepage

    security theatre: (1) security countermeasures intended to provide the feeling of improved security while doing little or nothing to actually improve security, usually resulting from political absurdity, poor engineering, the need to present an image of security more than real security, or some combination of these factors. (2) The real mission of the Transportation Security Administration.

    Examples: airport screening, "No-Fly" lists, random searches on subway systems, 1950's "duck and cover" drills in U.S. public schools

  • by Anonymous Coward on Friday July 24, 2009 @07:27PM (#28814451)

    ok...so you are telling me that it is trivial and you CAN do this with a BlackBerry too?...

  • Re:interesting (Score:1, Insightful)

    by Anonymous Coward on Friday July 24, 2009 @07:42PM (#28814573)

    I have to wonder if this is an intentional "feature".

    Indeed. Most people really don't want real security. It would be a support nightmare for Apple because the common person is an idiot and will forget their password or whatever. Then all they want is their data back and they expect Apple to give it to them. If the device was really truly secure then their data would be permanently gone.

    Fortunately there are third party products that provide real security for people who really need it. Too bad it's not always well integrated into the system though. I am glad this market exists though because that's how I make my living.

  • by Anonymous Coward on Friday July 24, 2009 @07:51PM (#28814689)

    My understanding is that the encryption in the 3GS is not meant to prevent a user with physical access to the device from accessing the data. It's to make Remote Wipe instant instead of taking 1 hour per gigabyte because the Remote Wipe only has to destroy the decryption keys, not every bit of data on the disk. When you Remote Wipe an iPhone 3G it takes 1 hour per gigabyte to destroy the data. With a 3GS, it takes a few seconds.

    Isn't the point of remote wipe to prevent unauthorized access to the data on the physical device? So, it doesn't matter how long it takes to do the remote wipe if the keys can be broken in 2 minutes since that leaves only a small window of time to do the wipe. Especially if the attacker can copy the entire contents of the iPhone to a remote storage device and do it offline.

    Disk encryption, especially mobile and laptop, should be designed specifically to prevent data retrieval when physical possession is obtained by an attacker.

  • Re:Apple blows. (Score:2, Insightful)

    by ioshhdflwuegfh ( 1067182 ) on Friday July 24, 2009 @07:57PM (#28814725)

    I am confused. Does it suck, or does it blow? These are opposites, are they not?

    The verb that solves this logical conundrum is: fellate.

  • by thedak ( 833551 ) on Friday July 24, 2009 @08:00PM (#28814735) Journal

    .. I won't lose a blink of sleep over them using Apple products. This guy had to have physical access to the iPhone to crack it, and even then the iPhone did not start sending its data out over the Internet along with a virus payload that formed a massive botnet that crippled Internet bandwidth.

    That is because they are completely different cases with completely different mechanisms to prevent them. You're talking about the ability to load a spambot or something on a mobile device. The encryption is there to ensure your address book is safe, your calendar is safe, any photos and other data are safe. Not to ensure the device does not run arbitrary code. The problem with the data encryption being crackable within an arbitrary length of time is a large issue, as it is meant to be protection regardless of where the device lies, in hands or not.

    My understanding is that the encryption in the 3GS is not meant to prevent a user with physical access to the device from accessing the data

    That is exactly the purpose of encryption.

    en·crypt (ĕn-krĭpt) tr.v. en·crypt·ed, en·crypt·ing, en·crypts

    1. To put into code or cipher.
    2. Computer Science To alter (a file, for example) using a secret code so as to be unintelligible to unauthorized parties.
    http://dictionary.reference.com/browse/encryption [reference.com]

    So yes, it is a major issue, as it circumvents what the encryption is meant to accomplish.

  • Ding ding ding (Score:5, Insightful)

    by earnest murderer ( 888716 ) on Friday July 24, 2009 @08:26PM (#28814921)

    We have a winner...

    The real issue at hand is how much time nerds spend thinking of ways they are right, instead of trying to understand how they might be wrong. iPhone 3gs was never marketed as having strong encryption (http://www.apple.com/iphone/specs.html), the /. crowd simply saw "something" was implemented and decided that the intent was to hide data.

  • Re:interesting (Score:3, Insightful)

    by John Nowak ( 872479 ) on Friday July 24, 2009 @08:34PM (#28814969)

    Or just pick it up and throw it out the window.

  • by PuckSR ( 1073464 ) on Friday July 24, 2009 @08:57PM (#28815131)

    Ummm...no

    Who would store "sensitive" data on a cell phone?
    Well, consider that most companies, agencies, etc consider their email "sensitive". Why do you think most businesses purchase 'smartphones'? TO ACCESS COMPANY EMAIL
    It isn't just a matter of company email carrying sensitive data, it carries normal data that would be highly beneficial to a bit of social engineering.

    Still don't understand the whole 'smartphone'/sensitive data issue?
    Ask yourself this question. Why won't the secret service let Obama carry a regular blackberry?

    If the iPhone is just a regular phone that can browse the internet, then this news is meaningless.
    If the iPhone is a 'smartphone' with relevant business applications, then it needs to be capable of quality encryption.

  • by erroneus ( 253617 ) on Friday July 24, 2009 @09:42PM (#28815385) Homepage

    Indeed, let's state this more simply so that people can use it in other places as well:

    1. Security through obscurity is not security
    2. If security relies on an attacker not to be smart enough, it is not secure

  • What, me worry? (Score:5, Insightful)

    by jc42 ( 318812 ) on Friday July 24, 2009 @10:37PM (#28815657) Homepage Journal

    With the iPhone being sold into 20% of Fortune-100s and into the military, just how worried should we be with such shoddy security?

    Well, as someone who isn't part of any Fortune-100 corporation or military force, I guess my response would be "Not at all."

    It's generally understood and widely acknowledged that the secrecy in such organizations functions primarily to keep their inner workings private from their own populations, i.e., us "little people" who pay to keep them running but aren't allowed to look into their inner workings. If they are riddled with holes in their communications because they're using iPhones or MS Windows or whatever, that means that there's a good chance that investigators can find out what they're up to and inform the rest of us.

    Consider the last few years of disasters in the American financial industry. It's pretty clear now that the perpetrators knew quite well what they were doing, and were profiting quite well from it all. It's the "little people" who are paying for the collapse, while the officers of the corporations are still taking home huge paychecks and bonuses. The reason it went on for so long was that the companies involved were able to keep their shady dealings secret from the great majority of their investors. If we'd had better security holes to see inside them, maybe some of the disaster could have been avoided.

    It's hardly a secret that military security primarily functions to hide their internal corruption (and bungling) from their own citizenry. Making their internal communications available to the citizenry via poor comms security seems like a win for the country as a whole.

    (Yeah; I know; "Such a dreamer." ;-)

  • much-touted? (Score:3, Insightful)

    by csimicah ( 592121 ) on Friday July 24, 2009 @11:02PM (#28815773)
    I wasn't even aware of this feature until I started reading echo-chamber blog articles about how weak the encryption was. This doesn't make the issue any more or less legitimate but it sure does make the post seem a little fantastic.
  • Re:But... (Score:1, Insightful)

    by Anonymous Coward on Friday July 24, 2009 @11:32PM (#28815887)

    True, but the article says the data can be read off the device without entering the PIN. That makes the entire concept of remote wipe worthless. All you have to do is pop out the sim as soon as you find a lost iPhone. If the owner hasn't discovered that the phone is missing, the remote wipe will not occur because the phone can't talk to the tower. At that point, if you can read the data straight off the phone without keying in the PIN, you might as well just carve all your passwords, coworkers' contact info, and confidential emails on the back of the phone along with your kids' names, schools, class schedules, and lists of their greatest fears.

    This may be as designed, but only if it was designed by somebody who knows fuck all about security. The first time somebody uses this to swipe confidential information off an Apple employee's iPhone, there's gonna be a reckoning. Who the hell builds a device that can decrypt its contents without using the PIN number to unlock it? That's like building a bicycle lock that you can unlock by tugging on it.

    iPhone Team FAIL.

  • by MeNeXT ( 200840 ) on Saturday July 25, 2009 @12:45AM (#28816187)

    regardless of who manufactures it, I have access to the data. If I have access to the physical machine I have access to the data. If you are carrying sensitive information and the only thing blocking my access is a four digit code then you are an IDIOT regardless of what OS you are using.

    Come on, people, where is the news here? You actually think a Blackberry, Nokia or any other phone on the market today has any kind of encryption that can't be broken into with a bit of research?

  • by Achromatic1978 ( 916097 ) <robert@@@chromablue...net> on Saturday July 25, 2009 @02:17AM (#28816507)

    Apparently the intent was not to protect the data on the phone from a real attacker, I don't think anyone at Apple that worked on this would expect that to be the case with the encryption key on the device.

    Ahhh, but that certainly hasn't stopped Apple touting it as a feature of the phone and a selling point into the enterprise, and fanboy gloating...
