New iPhone vulnerability leaves your data wide open

A new vulnerability has been revealed today that can access your data on your iPhone, even when your phone is in a locked and un-jailbroken state.  PIN codes to protect users from accessing your phone won't stop the vulnerability, according to Engadget.

Bernd Marienfeldt and Jim Herbeck discovered the vulnerability, and said it can even access most of the users data.  The vulnerability can even work on an iPhone 3GS running firmware 3.1.3, when you connect it to a computer running Ubuntu Lucid Lynx, even when the phone is in a locked state.

This vulnerability can't be spread like the iPhone iRickRoll'd worm, which changed users backgrounds on their jailbroken iPhones, running SSH and who haven't changed their default password.  This new vulnerability appears to only be when the phone is tethered to a computer running Ubuntu Lucid Lynx, so any person wanting your data will need to get a hold of your iPhone first.

With open vulnerabilities like this, Apple will find it hard to turn the iPhone into a prime-time corporate device, where companies like BlackBerry have proven to be reliable and secure.  Apple has yet to address the vulnerability or release a patch.

iPhone_vulnerability

Report a problem with article
Previous Story

Microsoft Tag comes out of beta

Next Story

Microsoft: Steve Ballmer not appearing at Apple WWDC

53 Comments

Commenting is disabled on this article.

"companies like BlackBerry have proven to be reliable"
Your Jedi mind tricks don't work on me. Three words: multiple global outages

Get ready to see a TON of news about Apple exploits now... They arent yet #1 in the OS market, but they are #1 in the software department, which means no long are people going to be "nice" to them and not point out the flaws in their software with any urgency or volume. All you mac users, get ready to start doing monthly security patches like MS does.

The average Iphone thief is probably just interested in selling it to get money for his next fix.
I sincerely doubt he is going to hook it up to his linux machine - he sold that off too.

The last time I plugged my iPhone into Lucid Lynx, it seemed to screw up my album art. Had to completely remove all the media off it and re-sync it. Even then some of it is still screwed.

As others have said, this is hardly new - or a vulnerability. You have been able to access the "media" section of the iphone through just linux (not just the lastest ubuntu) for a long time. You can't actually access the root filesystem unless you have jailbroken the device.

Pfft any phone connected to a computer can be accessed - hell that's half the reason there's a modding community, especially for Motorola. And for that I am quite thankful!

I for one thought this was a great feature in Ubuntu. Certainly a lot faster to transfer photos of my family on and off the phone.

Aergan said,
I for one thought this was a great feature in Ubuntu. Certainly a lot faster to transfer photos of my family on and off the phone.

Eh? Photos are accessible without anything special on a Windows PC, just connect your IPhone and browse to it and you can pull your photos out. Don't see what Ubuntu has to do with that.

How does this work? I use Lucid Lynx as my main desktop OS, and when I plug my iPhone in, i just get a big long error message about DBus or something...

Okay... ::takes deep breath:: I thought this was going to be some scary wireless exploit! shame on you. Yeah well it isn't that bad. Just don't loose your phone... and hopefully if you do for now... remote brick is avaibale. However, this a lucky heppening for anyone that wants to export iPhone data with out itunes or paying for additional software or jail breaking it. The same thing can be said about a windows HD if you don't encrypt your files. Another OS can access the file system and bypass the windows login so big deal.

mranderson1st said,
Okay... ::takes deep breath:: I thought this was going to be some scary wireless exploit! shame on you. Yeah well it isn't that bad. Just don't loose your phone... and hopefully if you do for now... remote brick is avaibale. However, this a lucky heppening for anyone that wants to export iPhone data with out itunes or paying for additional software or jail breaking it. The same thing can be said about a windows HD if you don't encrypt your files. Another OS can access the file system and bypass the windows login so big deal.

How do you loose a phone? I've tried WD40 but now it won't turn on

nevann said,
How do you loose a phone? I've tried WD40 but now it won't turn on

yeah that would be a typo - *lose* =P

WD40 is for fixing squeeks. You need degreaser if you want to "loose" your phone. But don't expect anything that did not move before to move after that. Thats called broken. =P

If you don't encrypt your data, it can be accessed when mounted regardless of passwords, pins or device. This is why it's a good idea to put a password on a PC bios to stop people booting devices that may hold another OS and gaining full access to your precious data. Mobile devices don't have this luxury - although it's theoretically possible to disable USB connections for non-root users and ask for a password before allowing USB transfers.

08993 said,
This is why it's a good idea to put a password on a PC bios to stop people booting devices that may hold another OS and gaining full access to your precious data.

If someone has the ability to boot your PC from another device, they most likley also have physical access to your PC. Meaning they can pop it open, change a jumper and get around the BIOS password. Do people really still use BIOS passwords??

dr3w2k3 said,

If someone has the ability to boot your PC from another device, they most likley also have physical access to your PC. Meaning they can pop it open, change a jumper and get around the BIOS password. Do people really still use BIOS passwords??

Enterprise solutions have locking chassis, even my home case has the ability to lock to prevent access to the insides.

BIOS passwords can thwart all but the most determined, so yeah, anyone with any sense would still use a BIOS password

Edited by 08993, May 27 2010, 6:42pm :

08993 said,

Enterprise solutions have locking chassis, even my home case has the ability to lock to prevent access to the insides.

BIOS passwords can thwart all but the most determined, so yeah, anyone with any sense would still use a BIOS password

Or anyone who is super paranoid. But I digress...

dr3w2k3 said,

Or anyone who is super paranoid. But I digress...

Yes you do. Take for instance a laptop, in college. You leave the class for 5 mins to take a leak the guy sat next to you thinks it's funny to boot up with his USB stick and format your hard drive, just for a joke.

BIOS password stops it.

08993 said,

Yes you do. Take for instance a laptop, in college. You leave the class for 5 mins to take a leak the guy sat next to you thinks it's funny to boot up with his USB stick and format your hard drive, just for a joke.

BIOS password stops it.

Getting way off topic here. So I'll just say, point taken.

08993 said,

Yes you do. Take for instance a laptop, in college. You leave the class for 5 mins to take a leak the guy sat next to you thinks it's funny to boot up with his USB stick and format your hard drive, just for a joke.

BIOS password stops it.

Damn I never even thought of that. I just set mine on my laptop. Thanks

thatguyandrew1992 said,

Damn I never even thought of that. I just set mine on my laptop. Thanks

Damn, what kind of people yall hanging around that you gotta secure your home pc's as such? I just lock my front doors.

08993 said,

Yes you do. Take for instance a laptop, in college. You leave the class for 5 mins to take a leak the guy sat next to you thinks it's funny to boot up with his USB stick and format your hard drive, just for a joke.

BIOS password stops it.

Only a masochist would try that though.

dr3w2k3 said,

Or anyone who is super paranoid. But I digress...

That's like suggesting someone is paranoid because they own a fire extinguisher. We don't keep extinguishers around because we have to use them all the time. We keep them around because *IF* we need it and don't have it then a little problem can become a life changing event. Same with personal info security.

I've known and been using this "vulnerability" for months now. Maybe I should've reported it and gotten my name on Neowin. This story is pure BS; all you're doing is mounting the file system. Slow news day anyone?

Yeah. Absolute FUD. You can do this on Windows Computer.
Install the iPhoneBrowser application and then you can access all the files on the iPhone/iPod when you can connect it to your Computer.

figgy said,
Yeah. Absolute FUD. You can do this on Windows Computer.
Install the iPhoneBrowser application and then you can access all the files on the iPhone/iPod when you can connect it to your Computer.

Exactly. This has been the case for awhile so technically this isn't a "New iPhone Vulnerability".

Further, the pin-code is nothing more than the equivalent of a "privacy lock" for a public restroom.

I have mine setup to erase all data off of the phone if 10 bad passwords are entered in a row. In addition to this, if my iPhone was ever stolen the first thing I would do is remote-wipe it from MobileMe.

figgy said,
Yeah. Absolute FUD. You can do this on Windows Computer.
Install the iPhoneBrowser application and then you can access all the files on the iPhone/iPod when you can connect it to your Computer.

Except that your phone needs to be Jailbroken before you can use Iphone-browser. IF you read the story then you would know that this allows access to you Iphone weather your phone is jailbroken or not.

MindTrickz said,

Except that your phone needs to be Jailbroken before you can use Iphone-browser. IF you read the story then you would know that this allows access to you Iphone weather your phone is jailbroken or not.

In the image, they are viewing files which you can actually access on a non jailbroken device using software on Windows.

.... good thing I don't plug my phone into a computer with "Ubuntu Lucid Lynx" nor do I even know someone with that distro.

Wanyal said,
It looks like just media content to me. Where are the text messages? The contacts? The call logs?

+1 I can see the file structure of my wife's iPod in the same way when I plug it into one of our Ubuntu machines, but the actual files that run the iPod OS aren't visible, just like the personal info of this iPhone appears to not be visible.

faraaz said,
Oh no! This is like so totally bad omg cuz we all use ubuntu lucid lynx man holy crap

I know several people that use lucid lynx...

just kidding

Gabe3 said,

I know several people that use lucid lynx...

just kidding

You two done?

It may not be the most popular operating system but its still a decent one.

faraaz said,
Oh no! This is like so totally bad omg cuz we all use ubuntu lucid lynx man holy crap

Anyway, the OS is not some super hacking tool that is breaking into the phone, it just happened to make the vulnerability easy to discover. It wouldn't take long for someone who knows what they are doing to figure out exactly what is happening and how to do it with any OS.

faraaz said,
Oh no! This is like so totally bad omg cuz we all use ubuntu lucid lynx man holy crap

So much for "securty through obscurity".

faraaz said,
Oh no! This is like so totally bad omg cuz we all use ubuntu lucid lynx man holy crap

i can download, burn and use an ubuntu livecd in 15 minutes. cant you?

Me neither

I don't see it as a biggie as just about every computer/device can be read when you've got physical access unless it's been psecifically designed to be encrypted.

bobbba said,
Me neither

I don't see it as a biggie as just about every computer/device can be read when you've got physical access unless it's been psecifically designed to be encrypted.

I love hearing about all these vulnerabilities where physical access to the device is required. Isn't that the case with any phone or computer? Given physical access and enough time and resources, anything can be hacked.

Rudy said,
I don't have a pin on my phone....there's nothing I want to hide on it

You can encrypt the data on the iPhone anyways - not sure if this would be any use if you used that option?

Rudy said,
I don't have a pin on my phone....there's nothing I want to hide on it

You forgot two things:

1) Whoever found your phone could make a long distance calls - you end up paying for it.

2) Whoever could "spam" to your friends via the contact list (or steal all data for other uses)

Rudy said,
I don't have a pin on my phone....there's nothing I want to hide on it

As a person who routinely gets sensitive emails intended fro others with similar Gmail accounts, you probably just underestimate the sensitivity of your information.

When someone is abusing the info you didn't have to hide - that's not a practical time to change your mind. But hey, go ahead. If it weren't for people like you I wouldn't be reminded how valuable a personal security strategy is.