Tales From Decrypt: Hacker Sez iPhone Not Secure Enough For Business

This image described by iPhone 3GS, BlackBerry, RIM, iphone hacks, Security, encryption, Tfc5

Apple would like you to think the new and supposedly enterprise-friendly encryption included with the iPhone 3GS makes it a fine smartphone for your business.

Don't you believe it, replies iPhone developer and hacker Jonathan Zdziarski.  According to him, the 3GS encryption can be busted in mere minutes, using readily available jailbreaking apps like Redsn0w and PurpleRa1n.  What's worse, once a data extraction from a 3GS begins, the phone itself begins to decrypt data on its own.

And don't count on MobileMe's remote self-erase feature to protect any state secrets: simply removing the phone's SIM card cripples the feature.  (Compare this to RIM's Blackberry "self-destruct" capability, which kicks in after the phone has been inactive on the network for a predetermined amount of time.)

Adds Zdziarski, “It is kind of like storing all your secret messages right next to the secret decoder ring. I don’t think any of us [developers] have ever seen encryption implemented so poorly before, which is why it’s hard to describe why it’s such a big threat to security.”

[Via Wired GadgetLab]

About Dactyl Anapest

Google + Profile