Forgot your password?
typodupeerror
Iphone Security Apple

iPhone Attack Reveals Passwords In Six Minutes 186

Posted by samzenpus
from the what-took-so-long? dept.
angry tapir writes "Researchers in Germany say they've been able to reveal passwords stored in a locked iPhone in just six minutes and they did it without cracking the phone's passcode. The attack, which requires possession of the phone, targets keychain, Apple's password management system. Passwords for networks and corporate information systems can be revealed if an iPhone or iPad is lost or stolen."
This discussion has been archived. No new comments can be posted.

iPhone Attack Reveals Passwords In Six Minutes

Comments Filter:
  • by broknstrngz (1616893) on Thursday February 10, 2011 @10:37AM (#35161748)

    Fb gurl'ir svtherq Nccyr jnf hfvat ebg13, abj jung?

    • Gurl'yy fjvgpu gb ebg39. Nsgre nyy, vg zhfg or zber frpher!

      • by deblau (68023)

        Gurl'yy fjvgpu gb ebg39. Nsgre nyy, vg zhfg or zber frpher!

        ebg39: vg'f whfg yvxr ebg13, bayl guerr gvzrf nf frpher! Xvaqn yvxr gevcyr QRF sbe qhzzvrf. Gur wbxrf jevgr gurzfryirf.

    • THink about it.... Do you enter a passwrod when start your phone? No? well then how is the built-in keychain locked? it's not. et might be encoded but the phone itself has to have the password. If you can jailbreak it or if like android, it's already jailbroken for you, then you have no password security.

      • by xaxa (988988)

        1) Maybe the keychain should be encrypted using the unlock code.

        2) Maybe the phone should have a private key used for authentication (except the first time). The key could be encrypted with a passphrase (used at power-on) and/or a passcode (the unlock code).

        • by aaarrrgggh (9205)

          Brute forcing the unlock code wouldn't be that much harder if it can be done externally, and you are (practically) limited to a shorter passcode on a phone.

          You could have a QR code or something similar that the camera needs to see in order to unlock... but how quickly will that become abused? Any time you go for a stand-alone device, you are going to have compromises.

      • by clang_jangle (975789) on Thursday February 10, 2011 @11:17AM (#35162164) Journal

        THink about it.... Do you enter a passwrod when start your phone?

        Of course I do. Any real geek probably has a password set, and a suitably short timeout. Still, physical access to any device trumps almost any security measure. The headlines scream "iPhone" but this can be done with any mobile device, once you have it in your possession.

        • by Dare nMc (468959)

          physical access issues are more about getting full use of a device, not about getting to the secure data stored on the device. IE if they get ahold of my Laptop, I fully expect the thief to be able to get a windows login, and even a admin account up, but he isn't going to get my web/banking passwords from mozilla. Although I wouldn't be surprised if they can install a trojan that could get these on my next login, if the device were given back to me. But really 6 minutes after grabbing the device to have

          • by Graff (532189)

            if they get ahold of my Laptop, I fully expect the thief to be able to get a windows login, and even a admin account up, but he isn't going to get my web/banking passwords from mozilla.

            And that's exactly what is happening here. The only thing that they can get is stuff like network credentials which need to be active in order for the phone to get data while it is locked by the user. User data, including most of the application data associated with the user and the user's own personal keychain, is still secure.

            Click through the article to the actual description of the method and you'll see exactly what kind of data is exposed.

            Is it a security hole? Yes, it is but not in the way that many p

        • by drjzzz (150299)

          "Of course I ...[have]... a password set, and a suitably short timeout. Still, physical access to any device trumps almost any security measure."

          This seems contradictory: if physical access trumps security, why bother with the annoying password?

          • For the same reason everyone locks their doors, in spite of the fact that all locks are defeatable: it works *most* of the time.
            • by drjzzz (150299)

              By that analogy, you are locking and walking away from your phone? No, you are holding onto your phone. You would not lock your door if you were going in and out frequently, say to the porch or the barbecue.

      • I have not heard of anybody successfully hacking a password protected Blackberry. Even with physical access. Maybe there is a way but it is probably too costly and time consuming to even consider. Definitely no such hack has been documented.

        If anyboyd has any examples where a password protected BB is cracked, I would be interested to hear about it :)

        - JsD

    • Yea, well, mine's better, I use rot13 twice! Crack this, sucker!
      • by goombah99 (560566)

        Yea, well, mine's better, I use rot13 twice! Crack this, sucker!

        I decrypted your message by applying ROT2 thirteen times.

  • by jgtg32a (1173373) on Thursday February 10, 2011 @10:42AM (#35161788)
    Root access is there anything it can't do?
    • by Bigby (659157)

      Decrypt passwords in a typical Unix shadow file

    • This isn't about the phone, it's about the Keychain. I'm not sure whether the Mac version is identical or not, and whether FileVault uses it or not, but if both these conditions are met, it's bad. Really bad.

      • by profplump (309017)

        If you use the "Master Password" feature there is a system-level Keychain that contains the FileVault disk keys. Otherwise the two are unrelated; a user's Keychain file is actually inside the FileVault.

        On OS X systems the Keychain API/etc. is more or less the same as on iOS but a user's Keychain encryption is based on the user's login password (or if different, the keychain password), so this same attack isn't feasible (unless you do something dumb like turn on auto-login and don't set a separate keychain p

    • by jbezorg (1263978)

      But what the article didn't say was that the phone needed to be jailbroken by the original owner to start the process. Only that Jailbreaking is part of the process. Someone may infer that from your statement and that is not the case.

      From the paper: http://www.sit.fraunhofer.de/en/Images/sc_iPhone%20Passwords_tcm502-80443.pdf [fraunhofer.de]

      For evaluating the practical strength of iOS device encryption security, we assume an attacker with physical access to the device, e.g. accomplished by theft
      or when finding a lost devi

    • You can jailbreak an iPhone without knowing the unlock pin.
    • by Alsee (515537)

      Relies on Jailbreaking Root access is there anything it can't do?

      Jailbreaking and root access can't do squat if things are properly encrypted.

      The entire point of the is story is that the iPhone's encryption is done improperly. The encryption is done with a key sitting on the device, without involving your password at all. The iPhone is stupidly programmed to check if you entered the right password and then simply use the stored key to decrypt your data.

      If you jailbreak you can skip the password check and di

    • Root access is there anything it can't do?

      According to the actual paper [fraunhofer.de]

      Secrets within other protection classes, such as passwords for websites, could not be revealed in our lost device scenario. In our proof of concept implementation, these secrets — marked "protected" in Table 1 — were available to the script only after entering the passcode to unlock the device, which by assumption should not be possible for an attacker.

  • What a useless report if we don't know which version of iPhone is targetted ? If this attack is effective against an iPhone4 then that's very interesting news, overwise who cares, we already know that 3GS and previous models [zdziarski.com] are wide open.
  • I keep my list of passwords taped to the back of the phone...well, really, my password...which is just my name spelled backwards, but I cleverly spelled it the right way on my sticker.

  • If an attacker has physical access to a computer(PC, Server, phone, etc...), is there anyway to stop them? Is there really any unbreakable way to encrypt your data?

    • by 0123456 (636235)

      Is there really any unbreakable way to encrypt your data?

      Uh, yes. It's called a one-time pad.

      And just encrypting your list of passwords with a decent master password would take a lot more than six minutes to crack.

      But I'm guessing iThing users don't want to be entering a sixteen character random password on a touchscreen 'keyboard' each time they need to log in somewhere.

      • by natehoy (1608657)

        Actually, if Apple had even encrypted the keyring decryption key with the passcode of the user, the default of a 4-number passcode means it would take up to 10,000 tries to get to the keyring. Still not terribly secure, but better than leaving the key hanging out of the ignition as things appear to be at the moment.

    • by spud603 (832173)

      If an attacker has physical access to a computer(PC, Server, phone, etc...), is there anyway to stop them? Is there really any unbreakable way to encrypt your data?

      Yes? Well, not really 'unbreakable', but impractical in a lifetime to crack. In fact, this is exactly what encryption is meant for: keep data secure even if it is publicly viewable.

    • by jo_ham (604554)

      For the Keychain, supposedly yes. On OS X itself the keychain can be locked independently of your user account. By default it is not - it shares the same password as your login, and unlocks when you log in. You can have it use a different password though and it stays locked until you allow access. Thus even if your machine is stolen and someone changes the password to your account they can't get into your keychain.

      This is also what happens if you change the password using the OS X install disk (if you forge

      • by gabebear (251933)
        The keychain on the iPhone is locked only by software restriction... it doesn't use encryption(there isn't any password to encrypt with). If you backup your iPhone with iTunes without enabling "Encrypt iPhone backup", then you will see all your saved keychain in plain text in that backup.

        This attack relies on a jailbreak to get around the normal keychain software security measures... although once an attacker has root on a running system, nothing it safe.
        • by Ferzerp (83619)

          This is mostly correct. But encrypted data *is* safe if the keys are not stored on the system in question as long encryption was implimented sanely.

    • Re:Physical Access (Score:4, Insightful)

      by rainmouse (1784278) on Thursday February 10, 2011 @11:03AM (#35162046)
      It's easier to steal or loose your phone than it is to break into your home and steal your desktop and considering the majority of people use the same passwords for email, Facebook, Amazon shopping and online banking, I'd consider this a serious security breach. Yes you can call people dumb for not being tech savvy but isn't that the target audience for apple products? (I don't mean dumb, just non-technical minded folk)
    • Unbreakable as in the resources required would be very significant to get access... yes. Laptops that use pre-boot authentication have solutions to protect them as long as they are powered off when stolen. The problem with phones of any kind is that they are always powered on so a pre-boot authentication scheme does not work for them. Even if you tried to protect the key the device has to have it in memory to decrypt the data so there could be a way to get it. For those using "GOOD for Enterprise" inste
      • by natehoy (1608657)

        The problem with phones of any kind is that they are always powered on so a pre-boot authentication scheme does not work for them. Even if you tried to protect the key the device has to have it in memory to decrypt the data so there could be a way to get it.

        You can still lock the phone and make the data inaccessible for any practical purpose.

        Look at the Blackberry model.

        - Filesystem is encrypted by a long key.
        - Long key is present on the phone, but key is encrypted by the user's login password.

        I have a moderately complex password controlled by a set of rules my company sets, and the phone locks itself after 15 minutes of non-use.

        When the phone is locked, the OS still has access to the keyring so it can check my email and stuff, but I have no wa

    • by mlts (1038732) *

      Yes. Compartmentalize the data into as many little pigeonholes as possible, and only have the cubbyhole open/mounted/decrypted that is being worked on at the moment. When done with it, dismount/encrypt it.

      I do this with my laptop and TrueCrypt. If I'm done with my Quickbooks instance, I suspend the VM and dismount the partition the VM disks are in. Doing this is the only real way of ensuring security in case of physical compromise. Of course, in a lot of cases, one can't really dismount critical server

    • by kwerle (39371)

      If an attacker has physical access to a computer(PC, Server, phone, etc...), is there anyway to stop them? Is there really any unbreakable way to encrypt your data?

      Yes. There are many ways to encrypt data so that it is practically unbreakable. There is only one known encryption known to be perfectly unbreakable - as others have mentioned: http://en.wikipedia.org/wiki/One-time_pad [wikipedia.org] .

      Hollywood movies portraying the decrypting of anything is just bunk.

      "practically unbreakable" in this case means "unbreakable in our lifetimes using the power of all the computers in the world".

      From the article:
      "The attack works because the cryptographic key on current iOS devices is based

  • by Anonymous Coward

    ...isn't attractive to the best of breed programmers. It's hot, there's lots of traffic, the smog is so bad you can't see the sun. Not to mention the bizarre corporate structure and superstar status Apple thinks itself as. The internal security is hell, nobody is on the same page. Your pulled off one job to do another and someone else completes your job in a half-assed manner and then you get the blame. There's this high level of greed that permeates the top dogs, they are looking at locking down all their

  • by jallen02 (124384) on Thursday February 10, 2011 @10:59AM (#35161994) Homepage Journal

    In IOS >4 with a modern device (3GS or better, iPad included) this article is blatantly incorrect.

    "The attack works because the cryptographic key on current iOS devices is based on material available within the device and is independent of the passcode, the researchers said.". Not true. In iOS4 they use a variant of PBKDF2 to generate an encryption key that is used along with the device key alluded to in this article to decrypt "class keys". The class keys are then used to access data at the various protection levels (Never, After First Unlock, Only When Unlocked). Each of those levels of data has a separate key. Those keys are required to decrypt the individual keys on each file. Each file has an encryption key set on it in the meta data (which means you do have to reformat your system and set a reasonable passcode).

    Because of the PBKDF2 variant brute forcing is infeasible. Because of the device key you have to try this IN the device and are limited to Apple's hardware for forcing.

    All of this is possible because Apple has an AES-256 hardware chip that blazes through crypto for that algorithm.

    Remote wipe uses yet another key (the file system key). So each file encryption key requires a "Class key" and a "file system key" to be decrypted. Lose either one and the file system is history. So remote wipe is accomodated in newer versions of iOS by just forgetting the file system key.

    In short, this article is not providing an accurate portrayal of "current/latest" devices. Though I am not sure how many people: Have the newer hardware, have iOS 4 AND have reformatted their filesystem to accomodate the required metadata.

    • by 0123456 (636235)

      So where are the keys stored?

      If the keys are in the device and visible to software, then anyone with root access can get the keys. Otherwise you need some kind of secure key storage which would require an attacker to dismantle the phone and take the key storage chip apart, or the user has to enter it every time.

      • by jallen02 (124384)

        http://wikee.iphwn.org/s5l8900:encryption_keys [iphwn.org]

        That is why the user's passcode is so critical. When you unlock the device it is created once (derived using PBKDF2) and then the passcode is gone. The derived key is held in memory to decrypt the class keys. When the device locks the class keys are (for sure) encrypted and the derived key is forgotten as well.

    • by jbezorg (1263978)

      From the Paper: http://www.sit.fraunhofer.de/en/Images/sc_iPhone%20Passwords_tcm502-80443.pdf [fraunhofer.de]

      In the described situation, device encryption commonly should provide protection against attacks from the outside. If the device is still turned on — e.g., not
      run out of battery meanwhile —, we assume that no remote wipe6 command was received in the meantime (e.g, theft remained unnoticed, no network connection, etc.). In any case, the attacker turns off the device and removes the SIM card to prevent a

    • by kangsterizer (1698322) on Thursday February 10, 2011 @12:14PM (#35162910)

      OR you could read the PDF which states CLEARLY:

      "The results were taken from
      a passcode protected and locked iPhone 4 with current firmware 4.2.1. "

      That is the latest iOS and the latest iPhone, mind you.

      http://www.sit.fraunhofer.de/en/Images/sc_iPhone%20Passwords_tcm502-80443.pdf [fraunhofer.de]

      • by jallen02 (124384)

        Point taken. Comment addressed at: http://apple.slashdot.org/comments.pl?sid=1989624&cid=35162734 [slashdot.org]

      • Might as well state that what they wrote is not wrong.
        What they get from the device are things like the Wifi access code and it is based on device based, passcode independent encryption.
        This is a convenience trade off Apple made, but it is also a security issue.

        OTHER things are encrypted with the passcode and they couldn't decrypt those. That is all clearly specified in the PDF.

    • by ei4anb (625481)
      Have you read the paper? It says:

      "It uses system functions to access the keychain entries, which made it not necessary to reverse engineer the encryption mechanism of the keychain items."

    • by fermion (181285)
      I will note that the first step is to remove the sim card. We see that once the sim card is removed, (assuming the phone is not on another network accesible to the owner) there is a large amount of time to break the phone. The six minutes is not an issue, so the lack of protection is not an issue. Arguably the real security flaw, and on most smart phone, is we are storing extremely sensitive data on devices with are easily lost or stolen, but without effective countermeasures.

      The six minutes, and unencr

    • by tlhIngan (30335)

      In short, this article is not providing an accurate portrayal of "current/latest" devices. Though I am not sure how many people: Have the newer hardware, have iOS 4 AND have reformatted their filesystem to accomodate the required metadata.

      Going by sales of the iPhone 4, a lot. And the number of people who update to the latest is huge as well.

      And the way iPhone updates are handled, it's effectively a reformat of the filesystem - iTunes backs up your data and apps, then proceeds to wipe the filesystem partiti

    • by QuantGuy (654249)

      Your statements are generally accurate about how the iOS 4 cryptosystem works. However, they apply only when the applications in question are actually requesting data protection services from the OS. If an application doesn't require data protection, these restrictions won't be enforced. See this presentation [inf.furb.br] from last year's WWDC (the person who posted it probably broke NDA, but whatever).

      The Fraunhofer paper states that some types of sensitive materials could be obtained without the passcode. Hence the sc

  • At least its more secure than Android because its closed source. Its not like anyone *gasp* found a way of looking at the iOS source code is there?. Isn't that right Mister Trend Micro chairman?

    • by Svartalf (2997)

      Considering that it has nothing to do with source code and more implementation of security (Crypto's easy...security's blindingly hard to get right...) combined with an ill-advised notion that it's secure and we should keep passwords on the iOS devices in the first place...

      Passwords should NOT be so hard that you have to write the idiot things down. If it's complex, hard to remember, the human factor comes into play and you end up with stupidities like this- they're not the security you need to concern you

  • "...and if you hold it juuuuust like *this*..."
  • Since when has anyone even vaguely knowledgeable about security had any illusion that a device is still secure when a hacker has physical control over the device?

    I lock my phone so that I have privacy from casual curiosity/pranks, I fully expect that every password I have on the thing will need to be changed as soon as it is stolen.

  • True Story (Score:5, Funny)

    by DarthVain (724186) on Thursday February 10, 2011 @11:34AM (#35162386)

    For a buddy's bachelor party we went white water rafting, and rented a huge cabin for the weekend. When we first arrived, we were all staking out beds (18 of us), and some of them were of the slide under the couch futon variety. While we were pulling one out, we found a woman's wallet from the previous occupants. It belonged to a girl in her early 20's that was clearly there partying it up. Her wallet contained everything, ID, credit cards, iPhone, etc.. (even a little white baggy of nose candy). Anyway the iPhone was locked, but one of the guys took it and said (his words not mine) "lets see how dumb this bitch is...". He typed 1,2,3,4 into the iPhone and nothing. Then he said, hey hand me her ID (which all the guys were checking out as she was rather hot), and then typed in her birthday as found on her ID into the iPhone... Click. Two tries. Her phone had plenty of photos of her and her girl friends which we all checked out. Anyway in the end we flushed her baggy, and using the contacts of her iPhone called up her Mom and some of her friends to get hold of her, told her we found her stuff, got her address and at the conclusion of our weekend mailed her stuff back to her. When we talked to her on the phone, we suggested she change her password to something a little stronger.

    Moral of the story, 1) People pick stupid passwords anyway, you hardly need some sophisticated password cracking system in many cases, 2) don't loose your iPhone with a stupid password at a party resort unless you want a bunch of stupid guys ogling your photos... We also may have taken a photo of one of the guys on the toilet using her phone, not sure if that ever got erased or not...

    • by t0p (1154575) on Thursday February 10, 2011 @11:54AM (#35162662) Homepage

      Anyway in the end we flushed her baggy

      Is "flushed" the expression drug fiends use nowadays? We used to say "snorted"...

    • by ephraimX (556000)
      ...but if her password had been stronger, you would have been much less likely to be able to track her down. Maybe it's a reasonable compromise: some dudes see your pix, but you get your $600 phone back.
      • by DarthVain (724186)

        Ya I thought about that, but then again we could have just sent it to her address on her drivers license really. If it was her parents place it might have taken a bit longer for her to get it, or we could have turned it into the resort, and it likely would have found its way back, but might take longer as well. Though at least the way we did it we were certain...

        However that doesn't stop some less honest people from simply wiping the phone and selling on ebay or something.

  • The Motorola ATRIX has the solution to this problem with it's built in fingerprint scanner.

    http://www.ur-news.com/review-att-motorola-atrix-4g.html

If you think the system is working, ask someone who's waiting for a prompt.

Working...