A new report form Bernd Marienfeldt exposes a large security vulnerability in the way the iPhone secures your personal data. Oh, and if you have enabled a PIN prompt on your iPhone to help protect your device if it was to be lost or stolen, it won’t prevent prying eyes from accessing your data. Unlike the iPhone worm, this vulnerability is not limited to people with jailbroken devices.
So how does this work? Since the iPhone 3GS fails to provide full disk encryption, you take a iPhone and connect it to a computer running Ubuntu Lucid Lynx. This will allow access to the complete file system of the phone.
So you may feel that your data is safely stored away on your iPhone, it’s still accessible to the more knowledgeable cracker. This is something Apple has to face more and more as their platform continues to grow. They have managed to fly under the radar of the growing security aware public for a while now. But with the install base growing to such a large number, it brings more attention to the platform from the hacking community. As I mentioned in a previous post, Apple needs to get serious about security if they want to be taken seriously in the enterprise.
Source = engadget mobile
Recent Comments