Apple would like you to think the new and supposedly enterprise-friendly encryption included with the iPhone 3GS makes it a fine smartphone for your business.
Don't you believe it, replies iPhone developer and hacker Jonathan Zdziarski. According to him, the 3GS encryption can be busted in mere minutes, using readily available jailbreaking apps like Redsn0w and PurpleRa1n. What's worse, once a data extraction from a 3GS begins, the phone itself begins to decrypt data on its own.
And don't count on MobileMe's remote self-erase feature to protect any state secrets: simply removing the phone's SIM card cripples the feature. (Compare this to RIM's Blackberry "self-destruct" capability, which kicks in after the phone has been inactive on the network for a predetermined amount of time.)
Adds Zdziarski, ‚ÄúIt is kind of like storing all your secret messages right next to the secret decoder ring. I don‚Äôt think any of us [developers] have ever seen encryption implemented so poorly before, which is why it‚Äôs hard to describe why it‚Äôs such a big threat to security.‚Äù
[Via Wired GadgetLab]