This article was lifted from the Straits Times, dated Saturday 26th June, 2010. Some may have read it but for the benefit of those who haven't, here goes.
Apple is aware of the situation and is looking to plug the loophole
(Home, pg B2)
LOCK up your iPhones.
A Singapore security firm has discovered a way to bypass the popular phone's four-digit lock - by accident.
The breach, found by security training and forensics firm ThinkSecure, allows someone with the right software to access the data on lost or stolen iPhone handsets not updated with the latest version of operating software, which was released earlier this week.
The handset could even be installed with software to, say turn it into a remote bugging device without the owner's knowledge. The firm came across the loophole while trying to find a way to retrieve some data from an office iPhone, said ThinkSecure founder Julian Ho.
An employee had set a passcode to prevent unauthorised use - then promptly forgot what it was. While the handset could be reset to remove the passcode, doing this would also wipe out the data on the phone, which the firm needed.
When tinkering with the iPhone 3GS, the firm found a way to shift the encrypted passcode file to a different location on the phone, said Mr Ho.
It did this by making a modification to Spirit, a popular program used to "jail-break" iPhones. Jailbreaking allows iPhone users to install software not available at Apple's official online store.
When the iPhone is turned on, it attempts to find the passcode file. Since the file is no longer where it is supposed to be, the iPhone creates a new, blank passcode file. But because the new file is blank, the phone allows the user to access it without entering a passcode.
ThinkSecure subsequently discovered that it could also return the passcode file to its original location. When this is done, the phone gets its original passcode back - as if it had never been tampered with.
In a demonstration, Mr Ho was able to bypass a four-digit lock set by The Straits Times, take a quick peek at the handset's contents, and then reset it to its original passcode, in 13 minutes.
In a statement, Apple said that it was aware of this issue and was looking to plug the loophole. While the new version of iPhone software prevents the bypass, which rides on the Spirit program, from working, Mr Ho believes it is a matter of time before a new loophole is found.
In fact, "if we can do it, someone else can, and might have done so, too," he said.
News of the loophole has rattled some iPhone users here.
"If Apple cannot even ensure the security of such a basic feature, then of course I'm worried," said Apple fan Brian Chen, who has an iPhone 3GS and an Apple notebook.
The 30-year-old engineer had not got round to updating his phone to the new operating software, but said he would do it "when you (this reporter) stop talking to me".
Apple is aware of the situation and is looking to plug the loophole
(Home, pg B2)
LOCK up your iPhones.
A Singapore security firm has discovered a way to bypass the popular phone's four-digit lock - by accident.
The breach, found by security training and forensics firm ThinkSecure, allows someone with the right software to access the data on lost or stolen iPhone handsets not updated with the latest version of operating software, which was released earlier this week.
The handset could even be installed with software to, say turn it into a remote bugging device without the owner's knowledge. The firm came across the loophole while trying to find a way to retrieve some data from an office iPhone, said ThinkSecure founder Julian Ho.
An employee had set a passcode to prevent unauthorised use - then promptly forgot what it was. While the handset could be reset to remove the passcode, doing this would also wipe out the data on the phone, which the firm needed.
When tinkering with the iPhone 3GS, the firm found a way to shift the encrypted passcode file to a different location on the phone, said Mr Ho.
It did this by making a modification to Spirit, a popular program used to "jail-break" iPhones. Jailbreaking allows iPhone users to install software not available at Apple's official online store.
When the iPhone is turned on, it attempts to find the passcode file. Since the file is no longer where it is supposed to be, the iPhone creates a new, blank passcode file. But because the new file is blank, the phone allows the user to access it without entering a passcode.
ThinkSecure subsequently discovered that it could also return the passcode file to its original location. When this is done, the phone gets its original passcode back - as if it had never been tampered with.
In a demonstration, Mr Ho was able to bypass a four-digit lock set by The Straits Times, take a quick peek at the handset's contents, and then reset it to its original passcode, in 13 minutes.
In a statement, Apple said that it was aware of this issue and was looking to plug the loophole. While the new version of iPhone software prevents the bypass, which rides on the Spirit program, from working, Mr Ho believes it is a matter of time before a new loophole is found.
In fact, "if we can do it, someone else can, and might have done so, too," he said.
News of the loophole has rattled some iPhone users here.
"If Apple cannot even ensure the security of such a basic feature, then of course I'm worried," said Apple fan Brian Chen, who has an iPhone 3GS and an Apple notebook.
The 30-year-old engineer had not got round to updating his phone to the new operating software, but said he would do it "when you (this reporter) stop talking to me".
Comment