Oops! Serious iPhone OS Data Protection Flaw

Several blogs report that two security experts, Bernd Marienfeldt and Jim Herbeck, have uncovered a way to gain access to the iPhone 3GS file system and potentially modify files without leaving a trace, even with file system encryption active. The data protection vulnerability was reproduced on several different non-jailbroken iPhones.

The security exercise was completed with Ubuntu Lucid Lynx. Here is the abstract from their report:

“I uncovered a data protection vulnerability, which I could reproduce on 3 other non jail broken 3GS iPhones (MC 131B, MC132B) with different iPhone OS versions installed (3.1.3-7E18 modem firmware 05.12.01 and version 3.1.2-7D11, modem 05.11.07), all PIN code protected which means the vulnerability bypasses authentication for various data where people most likely rely on data protection through encryption and do not expect that authentication is not in place. […] [It is] in my opinion the quickest compromising read/write access discovered so far, without leaving any track record by the attacker. It’s about to imagine how many enterprises (e.g. Fortune 100) actually do rely on the expectation that their iPhone 3GS’s whole content is protected by encryption with a PIN code based authentication in place to unlock it.”

The data protection flaw exposes music, photos, videos, podcasts, voice recordings, Google safe browsing database, game contents, etc.

Bernd Marienfeldt and Jim Herbeck have notified Apple of this flaw. They have confirmed that Apple was able to easily reproduce the security break-in and seems to understand why it is happening. However, they also confirmed that Apple would not provide timing or further details about a fix, or even say whether the fix would be included with iPhone OS 4.0.

Considering how many iPhone users are out there, I’m really concerned about how much corporate and personal information these users are exposing to anyone with enough knowledge of these hacks.

About Diego Samuilov

Editor in Chief/Founder Diego Samuilov is an executive, consultant, IT strategist and book, e-book and web published author. Diego has worked in Microsoft’s environments since 1990. Since then, he has successfully filled many positions related to the Software Development lifecycle. He has worked as a developer, analyst, technical lead, project lead, auditor and, since 1996, as a project manager, manager, director and VP in the Software Development, Server, Desktop and Mobile environments. Diego is very passionate about the software development process, which has played a great part in his skills development. Since the introduction of the first ever PDA (the Apple Newton MessagePad) in 1994 and Windows CE in 1998 he has pioneered and pushed the envelope in the field of mobile software development. He has developed many solutions used in mobile markets, desktop and server environments. He participates in public and private developer community events. He actively collaborates with the community at support forums and blogs. Diego is the author of "Windows Phone for Everyone".