Researchers Take Only Six Minutes To Retrieve iPhone Passwords
Think the closed nature of iOS, powering millions of iPhones and iPads worldwide, is any more secure than other mobile device operating systems? Researchers from Germany’s Fraunhofer Institute Secure Information Technology have some bad news if your phone is ever lost or stolen.
The researchers recently released a video and paper showing how, by using current vulnerabilities in the operating system, numerous passwords can be retrieved in six minutes, even if the device is locked with a passcode.
As seen in the video, with the assistance of jailbreaking tools, the researchers were able to obtain passwords for Gmail, Micrsoft Exchange accounts, LDAP accounts, voicemail, VPN, Wi-Fi and some apps.
The complete findings were released in a paper by the researchers. Thankfully, this apparently is only a proof of concept and not in the wild.
Beyond the scary idea of hackers getting a normal consumers e-mail and other passwords, exploits like this are something that can give corporate IT managers fits as the iPhone and iPad are continuing to gain mass acceptance in the business world. An exploit like this could easily net a hacker access to corporate passwords.
Hopefully Apple will continue to beef up security to help make it harder for hackers to exploit this type of loophole. In the meantime, to help alleviate the fear of dealing with a stolen or lost device, the company recently made the Find My iPhone app -- which can remotely locate and/or wipe a device -- a free download.
Posted by Brent Dirks on Feb 10, 2011