Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > Hardware - Troubleshooting and Discussion > iPhone, iPad & iPod > iDevices extremely insecure

iDevices extremely insecure
Thread Tools
The Godfather
Addicted to MacNN
Join Date: Dec 1999
Location: Tampa, Florida
Status: Offline
Reply With Quote
Feb 9, 2011, 07:53 AM
 
Plug an iPhone to a Mac, you cant see the content until you enter the iPhone password.
Plug it to a Linux PC, it will mount as a new drive and you can see all the pictures.
     
TETENAL
Addicted to MacNN
Join Date: Aug 2004
Location: FFM
Status: Offline
Reply With Quote
Feb 9, 2011, 08:43 AM
 
This was fixed a long time ago, but might require a "Full Restore" for the fix to work.

iPhone business security framework « Bernd Marienfeldt
     
mduell
Posting Junkie
Join Date: Oct 2005
Location: Houston, TX
Status: Offline
Reply With Quote
Feb 10, 2011, 10:28 AM
 
Why bother with photos when you can get all the stored passwords (email, VPN, etc) in a matter of minutes?

As soon as attackers are in the possession of an iPhone or iPad and have removed the device's SIM card, they can get a hold of e-mail passwords and access codes to corporate VPNs and WLANs as well. Control of an e-mail account allows the attacker to acquire even more additional passwords: For many web services such as social networks the attacker only has to request a password reset.

youtube video
full paper
     
turtle777
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status: Offline
Reply With Quote
Feb 10, 2011, 10:37 AM
 
WTF, Apple ?

This is ridiculous.

-t
     
besson3c
Clinically Insane
Join Date: Mar 2001
Location: yes
Status: Offline
Reply With Quote
Feb 10, 2011, 12:35 PM
 
I don't think Apple has every been good at the really low level programming stuff, including security.
     
Big Mac
Clinically Insane
Join Date: Oct 2000
Location: Los Angeles
Status: Offline
Reply With Quote
Feb 10, 2011, 12:57 PM
 
I don't think that's a fair characterization. I think Apple's been able to get away with certain lazy practices in how it handles certain areas of projects. Apple's great at creative designs that function really well, but they often neglect smaller technical details. Most of the time they get away with that strategy, but sometimes glaring flaws slip through that the company is very slow to address.

Part of the reason this seems to occur is because of Apple's approach to development. It's a very large corporation that tries to keep its development teams small and in startup company mode. The company strives to keep teams small and nimble, preventing bureaucratic stagnation or too many hands from spoiling the creative process. While it gains a lot from that strategy, I think a portion of quality control is probably lost in the process.
( Last edited by Big Mac; Feb 10, 2011 at 01:04 PM. )

"The natural progress of things is for liberty to yield and government to gain ground." TJ
     
besson3c
Clinically Insane
Join Date: Mar 2001
Location: yes
Status: Offline
Reply With Quote
Feb 10, 2011, 01:19 PM
 
It doesn't sound like we disagree, because those smaller technical details are what those lower levels are all about.
     
Big Mac
Clinically Insane
Join Date: Oct 2000
Location: Los Angeles
Status: Offline
Reply With Quote
Feb 10, 2011, 01:26 PM
 
Oh okay. It's just that I thought you were implying that Apple isn't good at low level coding, as if their teams weren't technically capable of good low level programming. If that were the case Apple would be out of business. I think it's a lack of focus on QA details Apple considers of little significance.

"The natural progress of things is for liberty to yield and government to gain ground." TJ
     
besson3c
Clinically Insane
Join Date: Mar 2001
Location: yes
Status: Offline
Reply With Quote
Feb 10, 2011, 01:42 PM
 
Originally Posted by Big Mac View Post
Oh okay. It's just that I thought you were implying that Apple isn't good at low level coding, as if their teams weren't technically capable of good low level programming. If that were the case Apple would be out of business. I think it's a lack of focus on QA details Apple considers of little significance.

That is what I was implying.

They aren't good at kernel development, file systems, and sometimes have surprising trouble with the low level components of certain applications such as the Finder, Mail, pieces of OS X Server, etc. While Snow Leopard is a huge step forward, OS X still requires gobs of resources to run properly.

To their credit they have done well with stuff like OpenCL, Quartz Extreme, Webkit, etc. so perhaps it would be best for me to adjust my statement to say that it is not unanimous that Apple excels at the low level stuff since there are notable exceptions.
     
jmiddel
Grizzled Veteran
Join Date: Dec 2001
Location: Land of Enchantment
Status: Offline
Reply With Quote
Feb 10, 2011, 09:40 PM
 
I think you're both saying that it is a matter of paying attention, or not, and to what. My question is: why does not Apple create one of those 'small and nimble' teams, as Big Mac says, dedicated to security. Given their resources, they could assemble a team with NSA+ experience, and become the leader in security, as they are in pretty much everything else.
     
ghporter
Administrator
Join Date: Apr 2001
Location: San Antonio TX USA
Status: Offline
Reply With Quote
Feb 10, 2011, 09:58 PM
 
Is any other smart phone more secure than the iPhone? If the bad guy gets a Blackberry, can he recover stored passwords from it?

The FIRST rule of computer security is that if the adversary gets physical possession of the computer, your security is gone. Why would that not be applicable to a portable computing device?

(IOW, don't lose physical control of your phone or iPad.)

Glenn -----OTR/L, MOT, Tx
     
The Godfather  (op)
Addicted to MacNN
Join Date: Dec 1999
Location: Tampa, Florida
Status: Offline
Reply With Quote
Feb 10, 2011, 10:09 PM
 
It doesn't matter that it is the most secure phone ever. What matters is that it is very insecure.
A Motorola concept Android phone has a fingerprint reader. That's a start.
Maybe a dental pressure profiler is still patentable. If your teeth are your decryption password, then physical possession of the computer would not matter much.
     
ghporter
Administrator
Join Date: Apr 2001
Location: San Antonio TX USA
Status: Offline
Reply With Quote
Feb 10, 2011, 10:14 PM
 
How complex a fingerprint reader? Like the one Microsoft uses in their "security" mouse? That's hardly secure-you can easily defeat that reader, as with most simple (and thus inexpensive) readers. To be effective, the reader would have to be very complex and thus very expensive.

To have real security, you would need a multiple token system, perhaps using both a physical token (RFID ring?) and a password. Not likely to be "user friendly" in any case.

Keep your phone and tablet from falling into unfriendly hands and the data security isn't an issue.

Glenn -----OTR/L, MOT, Tx
     
mduell
Posting Junkie
Join Date: Oct 2005
Location: Houston, TX
Status: Offline
Reply With Quote
Feb 10, 2011, 10:31 PM
 
Really, you're going to go the Apple Apologist route?

Originally Posted by ghporter View Post
Is any other smart phone more secure than the iPhone? If the bad guy gets a Blackberry, can he recover stored passwords from it?
Yes. No.
     
besson3c
Clinically Insane
Join Date: Mar 2001
Location: yes
Status: Offline
Reply With Quote
Feb 10, 2011, 10:43 PM
 
Originally Posted by jmiddel View Post
I think you're both saying that it is a matter of paying attention, or not, and to what. My question is: why does not Apple create one of those 'small and nimble' teams, as Big Mac says, dedicated to security. Given their resources, they could assemble a team with NSA+ experience, and become the leader in security, as they are in pretty much everything else.

I think this is a good idea too, but I would not say that Apple is a leader in pretty much everything else without qualification.
     
AKcrab
Moderator Emeritus
Join Date: Apr 2001
Location: Wasilla, Alaska
Status: Offline
Reply With Quote
Feb 10, 2011, 11:22 PM
 
Originally Posted by mduell View Post
Yes. No.
Cause mduell says.
     
andi*pandi
Moderator
Join Date: Jun 2000
Location: inside 128, north of 90
Status: Online
Reply With Quote
Feb 11, 2011, 11:08 AM
 
ah, so this is why my company won't let us store vpn passwords on the iPad. I do have my email password saved though.

So the little 4 number password at startup, does that only stop the extremely stupid thief?
     
cgc
Professional Poster
Join Date: Mar 2003
Location: Down by the river
Status: Offline
Reply With Quote
Feb 11, 2011, 01:04 PM
 
Originally Posted by The Godfather View Post
...your teeth are your decryption password, then physical possession of the computer would not matter much.
Mmmm...biting the cellphone would be bad. Are you talking about the cellphone taking a pic of your teeth? If so, why not do a retina scan? If not, nobody is biting their cellphone
     
ghporter
Administrator
Join Date: Apr 2001
Location: San Antonio TX USA
Status: Offline
Reply With Quote
Feb 11, 2011, 06:03 PM
 
Originally Posted by andi*pandi View Post
ah, so this is why my company won't let us store vpn passwords on the iPad. I do have my email password saved though.

So the little 4 number password at startup, does that only stop the extremely stupid thief?
There are at most 10,000 different 4-digit passcodes. While iOS will disable the device after "too many wrong entries," Apple doesn't come out and say how many is too many. They do say that after successive failures, the disabled time gets longer and longer, and eventually locks the device hard, requiring connecting to the computer you last synced with to unlock it. Frankly, this is the equivalent of President Scroob's luggage combination; most people use some brain-damaged simple code. Unless you set it up to securely erase the device's contents after 10 failed attempts (which you can apparently do), the iOS passcode is like hanging the keys next to the locked door. It is actually more difficult to pour through someone's emails to find an arbitrary piece of information than it is to get an iDevice unlocked by guesswork.

Glenn -----OTR/L, MOT, Tx
     
The Godfather  (op)
Addicted to MacNN
Join Date: Dec 1999
Location: Tampa, Florida
Status: Offline
Reply With Quote
Feb 11, 2011, 06:09 PM
 
So, when a password protected iphone rings, does it show a password prompt/keypad before or after you answer the call?
     
Stogieman
Addicted to MacNN
Join Date: May 2000
Location: Santa Rosa, CA
Status: Offline
Reply With Quote
Feb 11, 2011, 06:45 PM
 
Originally Posted by jmiddel
My question is: why does not Apple create one of those 'small and nimble' teams, as Big Mac says, dedicated to security. Given their resources, they could assemble a team with NSA+ experience, and become the leader in security, as they are in pretty much everything else.
I think they may have started this process already.

Apple Hires Former NSA Analyst as Security Chief

Slick shoes?! Are you crazy?!
     
mduell
Posting Junkie
Join Date: Oct 2005
Location: Houston, TX
Status: Offline
Reply With Quote
Feb 11, 2011, 07:32 PM
 
Originally Posted by AKcrab View Post
Cause mduell says.
Please, crab, show me the analysis demonstrating that you can get the passwords out of a BlackBerry in 5 minutes.
     
ghporter
Administrator
Join Date: Apr 2001
Location: San Antonio TX USA
Status: Offline
Reply With Quote
Feb 11, 2011, 09:47 PM
 
Perhaps mduell can show us how and why a Blackberry can't be made to give up its secrets...

Glenn -----OTR/L, MOT, Tx
     
AKcrab
Moderator Emeritus
Join Date: Apr 2001
Location: Wasilla, Alaska
Status: Offline
Reply With Quote
Feb 11, 2011, 09:49 PM
 
Right. I never made such a claim.
     
Big Mac
Clinically Insane
Join Date: Oct 2000
Location: Los Angeles
Status: Offline
Reply With Quote
Feb 13, 2011, 11:26 PM
 
One thing about this story that hasn't been brought up yet is that the iDevice has to be jailbroken before this vulnerability can be accessed. I suppose that's another possible reason Apple wants to thwart jailbreaking. It should be pointed out, however, that the jailbreak isn't at the heart of this exploit; it's just a necessary step to be able to access it.

"The natural progress of things is for liberty to yield and government to gain ground." TJ
     
Spheric Harlot
Clinically Insane
Join Date: Nov 1999
Location: 888500128, C3, 2nd soft.
Status: Offline
Reply With Quote
Feb 14, 2011, 02:08 AM
 


So the iOS is "extremely insecure"? But you have to crack it first?


Okay, end of discussion; subject closed.
     
CharlesS
Posting Junkie
Join Date: Dec 2000
Status: Offline
Reply With Quote
Feb 14, 2011, 11:16 AM
 
I'm sure that when someone steals your iPhone, and then your identity since the passwords are stored in cleartext, it will be a great comfort to you to know that they had to jailbreak it first in order to do that.

Ticking sound coming from a .pkg package? Don't let the .bom go off! Inspect it first with Pacifist. Macworld - five mice!
     
Big Mac
Clinically Insane
Join Date: Oct 2000
Location: Los Angeles
Status: Offline
Reply With Quote
Feb 14, 2011, 11:41 AM
 
The passwords aren't stored in clear text. They're just not securely encrypted. But I agree - SH declared the subject closed too early.

"The natural progress of things is for liberty to yield and government to gain ground." TJ
     
King Bob On The Cob
Mac Elite
Join Date: Apr 2002
Location: Illinois
Status: Offline
Reply With Quote
Feb 14, 2011, 11:54 AM
 
Originally Posted by CharlesS View Post
I'm sure that when someone steals your iPhone, and then your identity since the passwords are stored in cleartext, it will be a great comfort to you to know that they had to jailbreak it first in order to do that.
The passwords are not stored in cleartext. They're stored in the keychain, and using a script that allows injection into processes that have access to the keystores you're interested in then you can steal the passwords. Mac OS X shares this flaw. The only thing that confuses me is that the keychain should be locked until you authenticate (Using either the numbers pad or the password login).
     
CharlesS
Posting Junkie
Join Date: Dec 2000
Status: Offline
Reply With Quote
Feb 14, 2011, 01:15 PM
 
From the PDF:

Our script reveals the always unencrypted settings (e.g., user name, server, etc.) for all stored accounts. For the account types marked "w/o passcode" in Table 1, also the account’s cleartext secrets are revealed. This indicates, that an attacker would not need to know the user’s passcode nor does he would need to exploit new vulnerabilities to reveal these secrets. The results were taken from a passcode protected and locked iPhone 4 with current firmware 4.2.1. The overall approach takes six minutes, which might provide an additional opportunity for an attacker to return the device to the owner to cover the revealing of passwords.
Then if you look at the table, you can see that quite a few passwords are marked "w/o passcode" — most notably, the MS Exchange passwords. These passwords are, unless I'm reading the article wrong, in cleartext.

Apple will need to fix this.

Ticking sound coming from a .pkg package? Don't let the .bom go off! Inspect it first with Pacifist. Macworld - five mice!
     
Spheric Harlot
Clinically Insane
Join Date: Nov 1999
Location: 888500128, C3, 2nd soft.
Status: Offline
Reply With Quote
Feb 14, 2011, 03:30 PM
 
Ah, I see. Thanks for the clarification.

Do other OSen share this vulnerability?

Which is to say, does "physical access guarantees data access" hold true for mobile platforms in general, too?
     
Spheric Harlot
Clinically Insane
Join Date: Nov 1999
Location: 888500128, C3, 2nd soft.
Status: Offline
Reply With Quote
Feb 14, 2011, 04:42 PM
 
Ah, I see. Thanks for the clarification.

Do other OSen share this vulnerability?

Which is to say, does "physical access guarantees data access" hold true for mobile platforms in general, too?
     
CharlesS
Posting Junkie
Join Date: Dec 2000
Status: Offline
Reply With Quote
Feb 14, 2011, 05:12 PM
 
I have no idea. This has no bearing on the severity of this issue, however.

Ticking sound coming from a .pkg package? Don't let the .bom go off! Inspect it first with Pacifist. Macworld - five mice!
     
mduell
Posting Junkie
Join Date: Oct 2005
Location: Houston, TX
Status: Offline
Reply With Quote
Feb 14, 2011, 07:27 PM
 
With BES you have a different password for the one time email activation, rather than using your exchange password. If it's reusable and RIM stores in in plaintext on device, they're insane.
     
hayesk
Guest
Status:
Reply With Quote
Feb 15, 2011, 03:32 PM
 
Originally Posted by King Bob On The Cob View Post
The passwords are not stored in cleartext. They're stored in the keychain, and using a script that allows injection into processes that have access to the keystores you're interested in then you can steal the passwords. Mac OS X shares this flaw. The only thing that confuses me is that the keychain should be locked until you authenticate (Using either the numbers pad or the password login).
The difference between MacOS X and iOS is that on MacOS X, it's encrypted with your password. So it's much more difficult to get your passwords from a desktop machine. On iOS, there are no account passwords, so the password to the keychain has to be stored on the phone. This is what the hackers have used. The alternative is to have a real password. A 4-digit lock code is pretty much useless as an encryption key - a brute force attack will crack it in minutes. The phone needs a real password login for this "flaw" to go away.

The issue is people don't want to type a long password to use their phone. They want quick and easy. So, you can call this a flaw, but I'd call it a design decision.
     
kmkkid
Professional Poster
Join Date: Mar 2002
Location: Brantford, ON. Canada
Status: Offline
Reply With Quote
Feb 15, 2011, 10:36 PM
 
Is that why the phone has to be jailbroken? So the attacker can Modify files/read the passwords using the authority of root:alpine?

If so, does changing the root password thwart this?

If you jailbreak you shold be changing the root password anyways.
     
Big Mac
Clinically Insane
Join Date: Oct 2000
Location: Los Angeles
Status: Offline
Reply With Quote
Feb 15, 2011, 11:11 PM
 
It could have something to do with root being compromised by jailbreaking. They have to SSH in, and if your phone is jailbroken and has a changed root password one would assume they wouldn't be able to log in to run the script. But if the attacker does the jailbreaking they have the access.

Now we have a better idea of why Apple plays cat and mouse with the jailbreakers, but it bears repeating that jailbreaking merely enables access to a preexisting keychain vulernability. I'm hoping Apple is concentrating on fixing the actual keychain flaw and not just targeting jailbreaking as its security remedy.

"The natural progress of things is for liberty to yield and government to gain ground." TJ
     
Spheric Harlot
Clinically Insane
Join Date: Nov 1999
Location: 888500128, C3, 2nd soft.
Status: Offline
Reply With Quote
Feb 16, 2011, 03:49 AM
 
Heh. So it's arguably *more* secure to have jailbroken and changed the root password?
     
Big Mac
Clinically Insane
Join Date: Oct 2000
Location: Los Angeles
Status: Offline
Reply With Quote
Feb 16, 2011, 06:54 AM
 
Seems that way for now, based on what we know about the exploit.

"The natural progress of things is for liberty to yield and government to gain ground." TJ
     
kmkkid
Professional Poster
Join Date: Mar 2002
Location: Brantford, ON. Canada
Status: Offline
Reply With Quote
Feb 17, 2011, 06:55 AM
 
That's what I thought.

So jailbreaking and changing he root password is the most secure for now.


But again, if someone has physical access to your device, anything can be hacked with enough effort.
     
   
Thread Tools
 
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Top
Privacy Policy
All times are GMT -4. The time now is 09:24 AM.
All contents of these forums © 1995-2017 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.8 © 2000-2017, Jelsoft Enterprises Ltd.,