Password retrieval in lost or stolen iPhones/iPads takes six minutes (w/ Video)

Feb 11, 2011 by Lin Edwards report
Screenshot of Proof of Concept approach with truncated Output of revealed Password

(PhysOrg.com) -- A team of researchers has demonstrated how passwords in iPhones and iPads can be retrieved from a stolen or lost device in only six minutes, even if it is locked. The passwords can include access passwords for corporate networks.

Scientists at the Fraunhofer Institute for Secure Information Technology (SIT) test laboratory in Germany have shown how someone who steals or finds an or iPad can use existing to “jailbreak” the device and gain access to the command shell. A secure shell (SSH) server can then be installed to enable them to run their own software on the device. Both procedures can be carried out even if the device is locked.

The attackers can then upload a script to the device to use the device’s own tools to give them access to the keychain, which is Apple’s password management system. The keychain entries can then be downloaded to the attacker’s computer.

The attack is successful because in the current operating system in “i” devices (iOS) large parts of the file system are accessible even if the device is locked, and the cryptographic key is not protected by the passcode.

This video is not supported by your browser at this time.

The demonstration showed the researchers were able to retrieve in the keychain but not in other protection classes. They were able to access and decrypt passwords for Google Mail (as an MS Exchange account), voicemail, virtual private network (VPN), WiFi, some Apps, various MS Exchange accounts and Lightweight Directory Access Protocol (LDAP) accounts.

The researchers said with the SIM card removed from the device they could also access email passwords and access codes for corporate WLANs and VPNs. Having access to email passwords gives the attacker even more passwords since many passwords are reset simply by requesting a reset and providing the email address.

Credit: research paper (see link below)

The researchers recommended that anyone who loses an iOS device or has it stolen should immediately change all their passwords for all accounts, even those not stored in the iPhone or iPad. They also warned that similar or identical passwords to those the attackers might access on the device are especially vulnerable to hacking. They said that encryption is no protection because the encryption relies on the secret information that would be revealed by the attack.

The attack is easy to conceal, and this means that devices left unattended even for just a few minutes could be vulnerable.

Explore further: Forging a photo is easy, but how do you spot a fake?

More information: www.sit.fraunhofer.de/en/Image… rds_tcm502-80443.pdf


Related Stories

Germany warns of Apple security problem

Aug 04, 2010

(AP) -- Several versions of Apple's iPhone, iPad, and iPod Touch have potentially serious security problems, a German government agency said in an official warning Wednesday.

Are you any good at creating passwords?

Jan 30, 2010

There's an interesting little study that's been done by security firm Imperva, which analyzed some 32 million passwords posted online in December by some enterprising hacker.

Gawker hack underscores flaws with passwords

Dec 19, 2010

The fallout from a hacking attack on Gawker Media Inc. a week ago underscores a basic security risk of living more of our lives online: Using the same username and password for multiple sites is convenient, but costly.

So many passwords, so little memory

Apr 15, 2009

How many keys are on your keychain? I just looked at mine and counted nine keys. And that's not counting the bulky little remote control key fob that locks and unlocks my car. I've tried to consolidate my keys by making one ...

Recommended for you

Forging a photo is easy, but how do you spot a fake?

Nov 21, 2014

Faking photographs is not a new phenomenon. The Cottingley Fairies seemed convincing to some in 1917, just as the images recently broadcast on Russian television, purporting to be satellite images showin ...

Algorithm, not live committee, performs author ranking

Nov 21, 2014

Thousands of authors' works enter the public domain each year, but only a small number of them end up being widely available. So how to choose the ones taking center-stage? And how well can a machine-learning ...

Professor proposes alternative to 'Turing Test'

Nov 19, 2014

(Phys.org) —A Georgia Tech professor is offering an alternative to the celebrated "Turing Test" to determine whether a machine or computer program exhibits human-level intelligence. The Turing Test - originally ...

Image descriptions from computers show gains

Nov 18, 2014

"Man in black shirt is playing guitar." "Man in blue wetsuit is surfing on wave." "Black and white dog jumps over bar." The picture captions were not written by humans but through software capable of accurately ...

Converting data into knowledge

Nov 17, 2014

When a movie-streaming service recommends a new film you might like, sometimes that recommendation becomes a new favorite; other times, the computer's suggestion really misses the mark. Yisong Yue, assistant ...

User comments : 4

Adjust slider to filter visible comments by rank

Display comments: newest first

Dhanne
5 / 5 (2) Feb 11, 2011
Unwanted password retrieval in iThings isn't a flaw to Apple. It's a feature. And soon Apple will charge of its usage.
zealous
not rated yet Feb 11, 2011
Sigh, there is something I was taught along time ago about computers and the like; physical access is total access. If you can touch you own it. So far that has applied to every device I've seen.
zslewis91
not rated yet Feb 11, 2011
@dhanna, from a security stand point, it is a flaw. its a crack. its what it is....most certainly nothing anyone with a brain can call a "feature". and if it is a "feature"(not sure as of the moment for i have done no research yet
tigger
not rated yet Feb 11, 2011
OMG how did you not get the sarcasm in Dhannes post!? Every man and their dog knows that Apple fan freaks are famous for leaping to the support of their holy products with claims that any hardware or software problem is in fact nothing too serious at all and they still love their beloved product no matter how dire the circumstances.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.