Posted on Monday, September 15th, 2008 and is filed under Mobile, Phone.
If you own an iPhone, then your data is public. Everything you do is temporarily stored as a screenshot, and hackers and forensic experts alike would have no trouble recovering any data or information from your phone, according to Jonathan Zdziarski, who discovered and exposed this flaw while demonstrating on a webcast how to break the iPhone’s passcode lock.
Zdziarski explained to viewers that the iPhone snaps a screenshot of your most recent action as you are using the phone, in a similar way to what some advanced key and screen loggers do. It does not matter whether you are checking your e-mail, sending a text message, or searching your favorite website. The screenshot is captured in an effort to cache your data.
There is no malicious intent on Apple’s side – the data is cached for aesthetic purposes: When an iPhone user taps the Home button, the window of the application that is being opened shrinks and disappears. To enable the shrinking effect, the iPhone is forced to capture a screenshot, Zdziarski said.
Theoretically, the phone would delete the image once the application is closed. However, anyone with a working knowledge of data will understand that, in the majority of cases, temporary files are not entirely removed from a storage device. It is for that reason that forensic experts and hackers have been able to utilize this slight flaw to recover files that were previously deleted by users.
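To make the previous paragraph concrete, here is an added example (not from the article or from Zdziarski’s webcast): a toy volume in which a cached screenshot PNG is “deleted” by dropping only its name-table entry, a signature carver that recovers the image anyway, and an overwrite-before-unlink variant that leaves the carver nothing to find. The volume, file name and PNG contents are all constructed for the demonstration.

```python
import struct, zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"

def make_png(width, height, rgb):
    """Build a minimal valid PNG; a constructed stand-in for a cached screenshot."""
    def chunk(tag, data):
        body = tag + data
        return struct.pack(">I", len(data)) + body + struct.pack(">I", zlib.crc32(body))
    raw = b"".join(b"\x00" + bytes(rgb) * width for _ in range(height))  # filter byte 0 per row
    ihdr = struct.pack(">IIBBBBB", width, height, 8, 2, 0, 0, 0)          # 8-bit RGB
    return PNG_SIG + chunk(b"IHDR", ihdr) + chunk(b"IDAT", zlib.compress(raw)) + chunk(b"IEND", b"")

class ToyVolume:
    """Flat byte image plus a name table; unlink() drops only the entry, as real file systems do."""
    def __init__(self, size):
        self.image = bytearray(size)
        self.files = {}  # name -> (offset, length)
        self.next = 0
    def write(self, name, data):
        self.image[self.next:self.next + len(data)] = data
        self.files[name] = (self.next, len(data))
        self.next += len(data)
    def unlink(self, name):
        del self.files[name]  # the bytes stay on "disk"
    def secure_unlink(self, name):
        off, n = self.files.pop(name)
        self.image[off:off + n] = bytes(n)  # overwrite before forgetting the entry

def carve_pngs(image):
    """Recover PNGs by signature plus chunk walking, ignoring the name table entirely."""
    found, pos = [], 0
    while (start := image.find(PNG_SIG, pos)) != -1:
        p = start + len(PNG_SIG)
        while p + 8 <= len(image):
            length, tag = struct.unpack(">I4s", image[p:p + 8])
            p += 12 + length  # length field, tag, data, CRC
            if tag == b"IEND":
                found.append(bytes(image[start:p]))
                break
        pos = max(p, start + len(PNG_SIG))
    return found

def demo(secure):
    """Return (entries left in the name table, PNGs a carver still recovers)."""
    vol = ToyVolume(4096)
    vol.write("snapshot.png", make_png(4, 2, (255, 0, 0)))
    (vol.secure_unlink if secure else vol.unlink)("snapshot.png")
    return len(vol.files), len(carve_pngs(vol.image))
```

Real flash storage complicates the picture (wear levelling can leave copies that an overwrite never reaches), which is why encryption of the cache, rather than deletion, is the dependable mitigation.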
“There’s no way to prevent it,” Zdziarski said during the webcast. “I’m kind of divided on it. I hope Apple fixes it because it’s a significant privacy leak, but at the same time it’s been useful for investigating criminals.”
Even though the handset is only capable of snapping screenshots when the Home button is pressed by users, Zdziarski claims that this is only one of many ways that forensics experts are capable of gathering evidence. Other methods include taking data from the iPhone’s keyboard cache, Safari cache, Google Maps searches, and other program uses. Experts and hackers are also capable of recovering at least portions of what you may have deleted – such as e-mail or photos from the past.
Zdziarski not only exposed and pointed out major security flaws and privacy leaks; he also walked viewers of his webcast through the measures necessary for bypassing an iPhone’s passcode in an attempt to gain full access to the phone.
The great news for Apple is that bypassing this passcode is not simple. It took Zdziarski, a trained professional, almost an hour to share the process. As an inexperienced hacker it would more than likely take you double to triple the time. The process involves using the Pwnage tool that was used to jailbreak the first iPhone to create your own custom firmware bundle and then changing it in an attempt to delete the factory passcode protection.
Even though the method is tough, Zdziarski claims that anyone with time on their hands and a little digital know-how can potentially break through the security walls of the iPhone.
“This flaw can only be exploited by somebody with physical access to a device, but your phone could get into the hands of someone with more malicious intent,” he said. “Obviously, you don’t want to trust any of your data to a passcode.”