
iPhone vulnerability leaves your data wide open, even when using a PIN - iamelgringo
http://www.engadget.com/2010/05/27/iphone-vulnerability-leaves-your-data-wide-open-even-when-using/
======
noelchurchill
Can't you hack just about any computer given physical access and being able to
plug another computer into it?

------
tptacek
Uh huh. Because the other phones on the market? When you plug them into a USB
port? Impregnable.

~~~
itistoday
Justifying your shortcomings "because everyone else has them" is a recipe for
failure, and doesn't get rid of the fact that there's a shortcoming. In this
case, a rather significant one.

~~~
tptacek
That's beside the point. I'm not justifying anyone. I'm saying the article is
presenting a false choice, between a phone with a known physical security
issue and a fictitious phone without one, and claiming that choice should
influence enterprise buying.

~~~
Locke1689
Right. It's like they're insinuating that there's some mythical smartphone
with an HSM FIPS 140-2 L4 compatible crypto chip. Face it, if someone wants
the data on your smartphone they can get it.

~~~
winthrowe
Like BlackBerries?
[http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val...](http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val2005.htm)

Edit: I'm no expert and read too quickly the level 4 you mentioned, but at
least isn't overall level 1 better than iPhone's overall level 0?

~~~
Locke1689
Not especially. If memory isn't tamper proof and you get a hold of a phone
that's on (very likely) then you can just dump the RAM and scour for the
encryption key.

------
tedunangst
Did anybody think the data was encrypted? Does anybody think a four-digit PIN
is a sufficient key for encryption?

~~~
stcredzero
Sure, here's one way to do it. The PIN is handled by hardware, which sends a
longer decryption key (128 bit, say?) to encrypted disk hardware, then yes.
You'd have to disable the 4 digit PIN decryption if more than 15 or so
attempts in a row fail. (But perhaps have a much longer passphrase for
recovery.)

With this scheme, the data is protected by a 128 bit symmetric cipher key.
There is a small chance that the PIN could be guessed by luck (0.15%) but this
is much better than nothing.
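
Added example, not part of the thread: a toy Python model of the scheme described in the comment above, where hardware holds a random 128-bit key and releases it only for the correct PIN, locks PIN entry after 15 failures, and accepts a longer recovery passphrase. The class and function names, the PBKDF2 tagging, and the count-before-compare ordering are assumptions of this sketch, not any real device's design.

```python
import hashlib
import hmac
import secrets

MAX_ATTEMPTS = 15  # lockout threshold taken from the comment above


class PinGatedKeyStore:
    """Toy model of hardware that releases a 128-bit disk key for a correct PIN."""

    def __init__(self, pin: str, recovery_passphrase: str):
        # The disk key is random, never derived from the low-entropy PIN.
        self._disk_key = secrets.token_bytes(16)
        self._salt = secrets.token_bytes(16)
        self._pin_tag = self._tag(pin)
        self._recovery_tag = self._tag(recovery_passphrase)
        self.failed = 0  # assumed to live in tamper-resistant non-volatile storage

    def _tag(self, secret: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", secret.encode(), self._salt, 10_000)

    @property
    def locked(self) -> bool:
        return self.failed >= MAX_ATTEMPTS

    def unlock_with_pin(self, pin: str):
        if self.locked:
            return None
        # Count the attempt before comparing, so interrupting the check
        # cannot yield an uncounted guess.
        self.failed += 1
        if hmac.compare_digest(self._tag(pin), self._pin_tag):
            self.failed = 0
            return self._disk_key
        return None

    def unlock_with_recovery(self, passphrase: str):
        # The long passphrase stays usable after PIN lockout and resets the counter.
        if hmac.compare_digest(self._tag(passphrase), self._recovery_tag):
            self.failed = 0
            return self._disk_key
        return None


def guess_probability(pin_digits: int = 4, attempts: int = MAX_ATTEMPTS) -> float:
    """Chance that `attempts` distinct guesses hit a uniformly random PIN."""
    return attempts / 10 ** pin_digits
```

With the defaults, `guess_probability()` gives 0.0015, the 0.15% figure quoted in the comment.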

~~~
Locke1689
For the most part, I wouldn't trust encrypted disk hardware. The relevant
standard for this sort of thing is NIST FIPS 140-2.

Edit: _You'd have to disable the 4 digit PIN decryption if more than 15 or so
attempts in a row fail._

On second thought, there are numerous ways this could be vulnerable to a side-
channel attack.

~~~
stcredzero
It would still make it more difficult than plugging the device into a Linux
box.

Would the side channel attack work if you only had access to one particular
iPad on one occasion?

EDIT: One side channel that would be nasty - the greasy fingerprints on the
keypad! (Perhaps the keypad could move to random locations?)

------
timmorgan
Apple, please don't encrypt stuff on my iPhone. It's hard enough to copy music
to/from it from my Linux machine as it is.

------
ryanpetrich
The software to do this has been available for a long time now. iTunes
requires devices to be unlocked via a passcode to perform a sync, but that's a
courtesy--the AFC service running on the device allows full access to the user
partition from the USB interface without restriction.

------
dshep
Just imagine what kind of access you'd get if you plugged it into a Mac? And
PS. does this mean you can sync music to an iPhone in Linux? If so, cool!

~~~
mirkules
AFAIK, you get no access other than through iTunes. The iPhone storage volume
doesn't mount in OS X the way regular USB drives do. If anyone knows something
different, enlighten me (I'd love to use it as a portable HD)

