Sunday, June 1, 2008

iPhone Passcode Easily Defeated

Via Jonathan Zdziarski's Blog -

I had a request come in tonight from an agency in NZ, looking to perform forensics on a drug dealer's iPhone. The iPhone happened to be passcode protected which, to my surprise, actually presented a problem for iLiberty+. I quickly hacked together a simple solution, and am simply posting this as a warning to anyone who thinks their data is safe because they have a passcode. The iPhone's passcode is quite simple to circumvent, and the latest versions of my forensic toolkit and manual now cover a simple three-step process to do it. While I'm not about to make the files themselves publicly available, this method can be easily adapted to crack the passcode by simply deleting a property list file. What a shame, that Apple went to the trouble of storing the passcode in the keychain, and yet the switch to turn it on and off is sitting in a little property list you can delete.

-----------------------

Ouch.

But with physical access to the device, the game is already over....this is a perfect example.

No comments:

Post a Comment