iPhone password security hacked in just six minutes

David Heath
Sunday, 13 February 2011 21:31

Never let your iPhone out of your sight - sage advice of course; but now all your securely stored passwords could be uncovered by an attacker with just six minutes alone with your device.

For some time it has been known that much of the internals of an iPhone (here, we will use the term iPhone generically to refer to iPhone or iPad) are easily accessible to the 'intruder' without knowing any supposed secret (power-on PIN, unlock passcode etc).  This includes the ability to take a copy of the entire contents of the phone's memory.

This was probably a mere curiosity - we are able to take a copy of the contents; and do what with it exactly?

However, now we hear that researchers from Fraunhofer Institute for Secure Information Technology (SIT) have perfected a method to analyse the contents of the iPhone and extract all passwords stored in the Keychain.

The reason all this is possible is that, although a passcode is required to unlock access to the phone's contents, the cryptographic key is based entirely on information contained within the iPhone.  This remains true as of iOS firmware v4.2.1

This can only be described as reckless in the extreme!

Remember, we say passwords when we describe access to VPNs, WiFi portals, MS Exchange accounts etc.

According to the SIT paper, "In current versions of iOS, the keychain contains user accounts including passwords such as email, groupware, VPN, WiFi, websites and often also passwords and certificates used in 3rd party apps. As these secrets are stored encrypted in the keychain, the questions is: Which key is used for the encryption and which practical barrier does it create for an attacker with access to the device."

As the paper demonstrates, the key is easy and the barrier is almost non-existent.