Jonathan Zdziarski Says The iPhone 3GS Encryption Is Useless

Jonathan Zdziarski, a member of the iPhone Dev-Team, says that Apple’s encryption on the iPhone 3GS for business users is not as good as it should be and could put company data at risk. He said that the encryption is so weak, that it could be cracked in two minutes using nothing more than some easily available freeware.

He said after making this discovery: “I don’t think any of us developers have ever seen encryption implemented so Securitypoorly before, which is why it’s hard to describe why it’s such a big threat to security.”

The iPhone 3GS is the first device to officially feature encryption, but Zdziarski says sensitive information like credit card numbers and social security digits on a 3GS are just as easy to access as they were on the 3G and first generation iPhone.

He used Redsn0w and PurpleRa1n to install a custom kernel on the device, then he installed used an SSH client to port the raw disk image onto his computer.


Leave a Reply, leaving hateful comments or using degrading language will get you banned.

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.