Το κενό ασφαλείας εντοπίστηκε από τον Bernd Marienfeldt και επηρεάζει ακόμα και τα μη-jailbroken και pin-protected iPhone 3GS!
I uncovered a data protection vulnerability , which I could reproduce on 3 other non jail broken 3GS iPhones (MC 131B, MC132B) with different iPhone OS versions installed (3.1.3-7E18 modem firmware 05.12.01 and version 3.1.2 -7D11, modem 05.11.07) , all PIN code protected which means the vulnerability bypasses authentication for various data where people most likely rely on data protection through encryption and do not expect that authentication is not in place.
This data protection flaw exposes music, photos, videos, podcasts, voice recordings, Google safe browsing database, game contents… by in my opinion the quickest compromising read/write access discovered so far, without leaving any track record by the attacker.
It’s about to imagine how many enterprises (e.g. Fortune 100) actually do rely on the expectation that their iPhone 3GS’s whole content is protected by encryption with an PIN code based authentication in place to unlock it.
The contents sample have been collected off a non jail broken iPhone 3GS (with latest iPhone OS installed, all apps fully up to date and immediately PIN lock enabled) by simply connecting it powered off via USB to a Linux Lucid Lynx PC (10.04) and then switched back on – being automatically mounted with given insecurity and never been attached to the PC before.
Αναμένουμε λοιπόν την διορθωτική κίνηση της Apple... η οποία μάλλον θα έρθει ενσωματωμένη στο iPhone OS 4.0