New iPhone hardware encryption not even close to hack-proof
The new iPhone 3GS includes hardware-based encryption, giving the impression that your data is more secure than on previous models. A well-known iPhone security expert shows, however, that the data is just as easy to grab using simple hacking tools.
By Chris Foresman | Last updated July 24, 2009 11:16 AM CT
Apple has attempted to improve the security of iPhone data in two ways with recent updates. One new feature is encrypted backups, available to any phone running iPhone OS 3.0 and iTunes 8.2 or later. The other is hardware-based encryption, available on the iPhone 3GS. On the surface, these features may seem industrial-grade, but iPhone data forensics expert Jonathan Zdziarski told Ars that it's trivial to get around them.
The improved security features will absolutely keep out casual snoopers. However, serious thieves or hackers can use easily accessible tools to break the passcode lock and create an unencrypted backup of your entire device. Zdziarski demonstrates how to do so using his own forensics tools (see video below), but common jailbreaks like purplera1n or redsn0w can be used to the same ends. The passcode and encrypted backup password can be deleted with these hacks, allowing an unencrypted backup to be made. That backup can be scoured for images, phone numbers, passwords, or other data.
The hardware encryption, meant to appeal to enterprise customers, can be thwarted just as easily. Using the same jailbreaking tools, the file system can be exposed and accessed like that of any other UNIX-based operating system. The hardware encryption system will then happily decrypt the data and present it to the user, because the key never leaves the device and the kernel applies it transparently. "The kernel decrypts it for you when you ask for files, so you get the decrypted copy," explained Zdziarski. "The only benefit hardware encryption has then is that it makes wipes faster, by just dropping the key."
Even that benefit is of little use if an iPhone thief has a paper clip. The remote wipe feature, as well as "Find my iPhone," can be disabled by removing the iPhone's SIM card, since both depend on the device remaining reachable over the network. Then, any of the above hacks could be used to access the data on the device. BlackBerrys, by contrast, can be set to wipe themselves after a certain period of being disconnected from the network.