iPhone 3GS Hardware Encryption Easy to Circumvent

    Date12 Aug 2009
    CategoryCryptography
    4295
    Posted ByAnthony Pell
    A mere three days after I published an article touting the enhanced security of the iPhone 3GS - see "iPhone 3GS Offers Enterprise-Class Security for Everyone", 2009-07-20 - security researcher Jonathan Zdziarski revealed a simple, only moderately technical technique for completely circumventing the iPhone's passcode lock and encryption. As a result, the iPhone 3GS encryption can no longer be considered a security control for consumers or enterprises until Apple releases a fix. Although encryption is one of the most fundamental tools available in the security arsenal, it can be difficult to implement properly. In this case, it isn't that the encryption itself is flawed (although that happens), but that the implementation of the encryption leaves cracks for attackers.
    You are not authorised to post comments.

    LinuxSecurity Poll

    Do you reuse passwords across multiple accounts?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /component/communitypolls/?task=poll.vote
    13
    radio
    [{"id":"55","title":"Yes","votes":"5","type":"x","order":"1","pct":45.45,"resources":[]},{"id":"56","title":"No","votes":"6","type":"x","order":"2","pct":54.55,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    Advisories

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.