Advertisements
 

Jonathan Zdziarski Says The iPhone 3GS Encryption Is Useless

Jonathan Zdziarski, a member of the iPhone Dev-Team, says that Apple’s encryption on the iPhone 3GS for business users is not as good as it should be and could put company data at risk. He said that the encryption is so weak, that it could be cracked in two minutes using nothing more than some easily available freeware.

He said after making this discovery: “I don’t think any of us developers have ever seen encryption implemented so Securitypoorly before, which is why it’s hard to describe why it’s such a big threat to security.”

The iPhone 3GS is the first device to officially feature encryption, but Zdziarski says sensitive information like credit card numbers and social security digits on a 3GS are just as easy to access as they were on the 3G and first generation iPhone.

He used Redsn0w and PurpleRa1n to install a custom kernel on the device, then he installed used an SSH client to port the raw disk image onto his computer.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: