Welcome to WebmasterWorld Guest from 54.162.76.55

Forum Moderators: bakedjake

Message Too Old, No Replies

Your iPhone Passwords Can Be Stolen In Under Six Minutes

     
3:20 pm on Feb 10, 2011 (gmt 0)

Moderator from US 

WebmasterWorld Administrator travelin_cat is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Feb 28, 2004
posts: 3221
votes: 12


Researches in Germany have found a way to access all of the passwords stored on your iPhone in under six minutes. This new hack circumvents the lock screen, so that extra bit of protection you thought you had, doesn't really exist:

Among passwords that could be revealed were those for Google Mail as an MS Exchange account, other MS Exchange accounts, LDAP accounts, voicemail, VPN passwords, WiFi passwords and some App passwords


[pcworld.com...]
4:03 pm on Feb 10, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Nov 8, 2001
posts: 766
votes: 0


Wow, that is pretty huge for the banks, and a reason for their IT depts to keep them on Crackberrys.

I suppose it's hackers going after the biggest install base...
5:23 pm on Feb 10, 2011 (gmt 0)

Administrator

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month

joined:Jan 14, 2004
posts:864
votes: 3


They forgot to mention that it requires the phone to be jailbroken before they can do it.
5:31 pm on Feb 10, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Nov 8, 2001
posts: 766
votes: 0


Ocean10000, why does that matter? The jailbreaking is just part of the hack. It doesn't have to be jailbroken before it's locked
6:03 pm on Feb 10, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Mar 23, 2002
posts:659
votes: 0


This hack also includes the IPAD.

Researchers from German engineering and research firm Fraunhofer tested the hack on an iPhone 4 and iPad 3G running iOS 4.2.1
6:41 pm on Feb 10, 2011 (gmt 0)

Preferred Member

10+ Year Member

joined:Jan 8, 2004
posts: 563
votes: 1


I wonder if that's why Google has come out with this [googleblog.blogspot.com].

My comment on Matt Cutts blog post [mattcutts.com]
This is a “must have” for power users…… and those who really care about the security of their information. So, I guess that would mean ALL users. Now, I read the thread on the googleblog but I have a question.
How will this effect allowing 3rd parties such as Buzz, Facebook, Twitter or Friendfeed, etc. from accessing data…. if at all?

Right, this is for “Advanced sign-in security for your Google account” and since they would be accessing the account wouldn’t they need that 2nd authentication part?

Or am I just not reading this correctly?


Just Sayin'
7:19 pm on Feb 10, 2011 (gmt 0)

Preferred Member

10+ Year Member

joined:Jan 8, 2004
posts: 563
votes: 1


Yeah, ok. After thinking about it more I wonder if these two aren't mutually exclusive from one another. If they are then it's my bad but they definately are closely related. You know, personal data security and all.
8:12 pm on Feb 10, 2011 (gmt 0)

Administrator

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month

joined:Jan 14, 2004
posts:864
votes: 3


ok after watching the video again. It does look like it can bypass the lock altogether and install the jail break. My previous understanding was that the phone needed to have been jailbroken previously for this to work.