Password retrieval in lost or stolen iPhones/iPads [Video Inside]
Scientists at the Fraunhofer Institute for Secure Information Technology (SIT) test laboratory in Germany have shown how someone who steals or finds an iPhone or iPad can use existing software to “jailbreak” the device and gain access to the command shell. A secure shell (SSH) server can then be installed to enable them to run their own software on the device. Both procedures can be carried out even if the device is locked.
The attackers can then upload a script to the device to use the device’s own tools to give them access to the keychain, which is Apple’s password management system. The keychain entries can then be downloaded to the attacker’s computer.
The attack is successful because in the current operating system in “i” devices (iOS) large parts of the file system are accessible even if the device is locked, and the cryptographic key is not protected by the passcode.
[video=youtube;uVGiNAs-QbY]https://www.youtube.com/watch?v=uVGiNAs-QbY[/video]
Information Source: physorg.com
The attackers can then upload a script to the device to use the device’s own tools to give them access to the keychain, which is Apple’s password management system. The keychain entries can then be downloaded to the attacker’s computer.
The attack is successful because in the current operating system in “i” devices (iOS) large parts of the file system are accessible even if the device is locked, and the cryptographic key is not protected by the passcode.
[video=youtube;uVGiNAs-QbY]https://www.youtube.com/watch?v=uVGiNAs-QbY[/video]
Information Source: physorg.com
Replies
You are reading an archived discussion.
Related Posts
In a short video, Martin Hilbert, a Provost's Fellow at the USC Annenberg School for Communication & Journalism, talks about how much information the world stores, communicates, and computes.
[video=vimeo;19779116]https://vimeo.com/19779116[/video]
E-Summit @DTU is back with a bang!
This time it promises to be bigger and better!!
The 2 day event will be inaugrated on 16th February 2011 by the Hon'ble...
We had a Group Discussion on this topic today! It was nice! I would like to see our CEans Opinions on this 😀
Hello Ceans,
Lets Discuss here about Cricket world cup, News, Player Information and everything related to Cricket World Cup.
Have you ever worked in an organization or a project or a society?
If yes then it will be a lie that you have not come across any problem which...