November 23, 2024

iPhone 3GS Encryption Is ‘Useless’

Posted July 23, 2009 at 7:16pm by iClarified · 8044 views
iPhone 3GS Encryption is 'Useless' for businesses according to Jonathan Zdziarski, a well known iPhone developer and hacker.

In an article by Wired.com, Zdziarski reveals that the iPhone encryption is so weak that it can be cracked in under 2 minutes with a freeware application.

“It is kind of like storing all your secret messages right next to the secret decoder ring,” said Zdziarski. “I don’t think any of us [developers] have ever seen encryption implemented so poorly before, which is why it’s hard to describe why it’s such a big threat to security.” An entire raw disk image of the phone can be made in about 45 minutes.

To demonstrate the phone's weakness. Zdziarski established a screenshare with Wired.com and was easily able to bypass any encryption to access their data.

Since Apple's encryption is so poor Zdziarski says its up to developers to add an extra level of security to their application.

“If they’re relying on Apple’s security, then their application is going to be terribly insecure,” he said. “Apple may be technically correct that [the iPhone 3GS] has an encryption piece in it, but it’s entirely useless toward security.”

Read More