Saturday, 28 May 2011 23:46

All of your iPhones are belong to us


Although iOS 4 devices have a dedicated hardware data encryption chip, Russian security company Elcomsoft has devised a method to bypass nearly all security and access the stored data on any iOS 4 device.

An iOS 4 device secures pretty much all of its content using AES-256 encryption, which is almost certainly unbreakable. Unfortunately, the way in which it releases the encryption key is laughably simplistic.

We all have our simple 4-digit unlock code which (Apple tells us) will cause a lock-out if entered incorrectly 10 times. Enter it correctly and the key is released. In other words, however complex the AES key itself is, it is released by a 4-digit PIN.

Next, Elcomsoft tells us, they found a way to bypass the 10-attempt lockout by running their brute-force attack directly on the security chip, bypassing the API that counts the attempts.

So, how does the average iOS user defeat the attack? Actually it's quite easy: don't rely on a 4-digit access code. Using the 'complex' passcode option to create a (minimum) 8-digit code would essentially defeat the attack. The brute force must be performed on the device itself and, unlike on a PC where it would happen in a few moments, an exhaustive scan of all 10,000 possible values takes around 40 minutes. Doubling the length would take 400,000 minutes (just under 280 days).
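The arithmetic above can be turned into a passcode-policy check. The following is an added example, not code from Elcomsoft or the original article; it generalizes the article's 4-digit and 8-digit figures to other lengths and character sets. It assumes the guess rate implied by the 40-minute figure stays constant for any passcode length, and the alphabet labels and one-year target are illustrative.

```python
# Added example: passcode length needed to outlast an on-device brute force.
# Assumption: the rate implied by the article (10,000 guesses in ~40 minutes)
# holds for any passcode length and character set.

ARTICLE_MINUTES = 40        # article: exhaustive 4-digit scan takes ~40 min
ARTICLE_KEYSPACE = 10_000   # article: all 4-digit values

# Illustrative character sets (names are hypothetical labels, sizes are exact).
ALPHABETS = {"digits": 10, "lowercase+digits": 36, "mixed-case+digits": 62}


def exhaust_minutes(alphabet_size: int, length: int) -> float:
    """Worst-case minutes to try every passcode of exactly `length` symbols."""
    return alphabet_size ** length * ARTICLE_MINUTES / ARTICLE_KEYSPACE


def expected_minutes(alphabet_size: int, length: int) -> float:
    """Average case: a uniformly random passcode falls after half the keyspace."""
    return exhaust_minutes(alphabet_size, length) / 2


def min_length(alphabet_size: int, target_days: float) -> int:
    """Shortest length whose average search time meets or exceeds target_days."""
    target = target_days * 24 * 60
    length = 1
    while expected_minutes(alphabet_size, length) < target:
        length += 1
    return length


def policy_table(target_days: float) -> list[tuple[str, int, float]]:
    """(alphabet, minimum length, average days to find) for each alphabet."""
    rows = []
    for name, size in ALPHABETS.items():
        n = min_length(size, target_days)
        rows.append((name, n, expected_minutes(size, n) / 1440))
    return rows


if __name__ == "__main__":
    print(f"4 digits: {exhaust_minutes(10, 4):,.0f} min worst case")
    print(f"8 digits: {exhaust_minutes(10, 8) / 1440:,.1f} days worst case")
    for name, n, days in policy_table(target_days=365):
        print(f"{name:18s} needs >= {n} symbols (~{days:,.0f} days on average)")
```

At the assumed rate, a digits-only passcode needs 9 symbols to hold for a year on average, while a mixed-case alphanumeric one needs only 5.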

BTW, owners of the iPhone 3GS running iOS 3 should be even more scared: all an attacker has to do is delete the 4-digit code to gain full access to the device (there is no encryption chip).

This is only a quick report of the work Elcomsoft has done; interested readers should follow the link above to learn more about the attack.

In writing about their work, Elcomsoft's Vladimir Katalov gives some context: "Let's make it very clear: no privacy purist should ever use an iPhone (or any other smartphone, probably). iPhone devices store or cache humungous amounts of information about how, when, and where the device has been used. The amount of sensitive information collected and stored in Apple smartphones is beyond what had previously been imaginable. Pictures, emails and text messages including deleted ones, calls placed and received are just a few things to mention. A comprehensive history of user's locations complete with geographic coordinates and timestamps. Google maps and routes ever accessed. Web browsing history and browser cache, screen shots of applications being used, usernames, Web site passwords and the password to iPhone backups made with iTunes software, and just about everything typed on the iPhone is being cached by the device."

Elcomsoft has packaged all this into a simple toolkit which (fortunately?) is currently available only to "select government entities such as law enforcement and forensic organizations and intelligence agencies." One can only wonder how long until it gets into the hands of the bad guys.




David Heath

David Heath has had a long and varied career in the IT industry having worked as a Pre-sales Network Engineer (remember Novell NetWare?), General Manager of IT&T for the TV Shopping Network, as a Technical manager in the Biometrics industry, and as a Technical Trainer and Instructional Designer in the industrial control sector. In all aspects, security has been a driving focus. Throughout his career, David has sought to inform and educate people and has done that through his writings and in more formal educational environments.


