Unlock iPhone, Jailbreak iPhone and iPhone Unlocking
iPhone Unlock and Jailbreak

Is your Data Secure with iPhone 3GS Encryption

7/26/2009 06:35:00 PM - 0 comments
iPhone 3GS EncryptionIt was only on Tuesday, July 21, 2009 when Apple proudly announced in it financial results about the growing trust and business relationship between Apple Inc. and the corporate sector. Citing example of almost 20 percent of Fortune 100 companies having purchased 10,000 or more iPhones per company, this is considered as one of the most successful partnerships, which is anticipated to grow over the years.

However, what followed the announcement was a startling revelation by an iPhone developer and professor of forensic studies, Jonathan Zdziarski. He broke the news much to the discomfort of Apple Inc. that frequent test have indicated a fragile encryption functionality of the iPhone 3GS. According to Zdziarski, it is so easy to crack the encryption that any one can extract your confidential information (otherwise stored as encryption in the iPhone) within two minutes with regular free software available.

Clients trust on iPhone Encryption Feature questioned

The Encryption feature is undoubtedly one of the most dominant ones to have enticed the corporate clients as they go gaga over Apple iPhone 3G S. The recent statistics provided by Apple Inc. in its latest quarterly earnings conference is enough evidence of the growing popularity of iPhones easy-to-use interface and wealth of downloadable applications in the world of corporate business.

Tim Cook, the chief operating officer of Apple has revealed that while almost 20 percent of Fortune 100 companies have purchased 10,000 or more iPhones apiece, multiple corporations and government organizations have purchased 25,000 iPhones each. Moreover, the iPhone has also been approved in more than 300 institutions of higher education. And, one of the most intrinsic part of choosing iPhone is definitely the trust the device is supposed to provide in high security business information and financial data.

BIG REVELATION - Encryption of iPhone 3GS is easy to crack

Jonathan Zdziarski’s big revelation that the encryption functionality of the iPhone 3GS is too easy to crack has created a commotion in the iPhone world. Even a forensics expert has categorically claimed that the ‘flawed’ encryption feature in iPhone 3G S can be ‘broken’ and is a threat to your sensitive personal data likes credit card and social security numbers, including business information and financial data.

This encryption system in the enterprise-friendly iPhone 3G S is cited to be one of the most poorly implemented and thereby, a big security threat, according to Zdziarski. Apart from the iPhone 3GS, even the previous generation iPhone 3G or first generation iPhone did not feature encryption. Therefore, if by chance, your iPhone falls into some wrong hands; all the intruder will need is a few pieces of readily available freeware, which can extract all the live data in 2 minutes flat.

Zdziarski has also added that the one who intrudes your data can then make an entire raw disk image in about 45 minutes using popular jailbreaking tools such as Red Sn0w and Purple Ra1n to install a custom kernel on the phone. After that, all that needs to do is install Secure Shell (SSH) client to port the iPhone’s raw disk image across SSH onto a computer.

Zdziarski in a demonstration of the technique easily tapped into an iPhone 3GS’ data with a few steps. As claimed, the encryption did not pose any hindrance. Another notable fact is that the iPhone 3GS begins to decrypt the data on its own, once one begins extracting data from the device.

Will iPhone App Developers offer extra security?

It is true that most iPhone users including the corporate and business organizations are ignorant and unaware of the iPhone’s encryption flaws. At the same time, the iPhone applications are too good to resist and are increasingly attracting business groups. For example, while applications, which help process credit cards on an iPhone anywhere with a Wi-Fi or cellular connection is a favorite with the merchants handling frequent transactions; iPhone app such as Quickoffice Mobile, enables users to access and edit Microsoft Word or Excel files on their iPhone.

Now, the big question is that, with the iPhone’s poor encryption functionality posing a threat to data security, will the App developers add an extra level of security to their apps? Although, there are instances of some business-savvy apps that have already managed to integrate better security; companies however, need to be cautious about ushering too much trust in the iPhone and the available iPhone apps.

What is Apple saying?

Apple yet has declined to comment on iPhone security issues. However, the company has earlier nearly admitted that iPhones are susceptible to security threats, since an emergency measure exists. What measures Apple Inc. takes to rectify the threat perception pertaining to the device’s encryption functionality, only time will say. Until then, play safe with your iPhone.


Posted: Seuli.B

0 Responses

Post a Comment