![It Only Takes Six Minutes to Reveal Your iPhone Passwords [Video]](/images/news/13854/47714/47714-64.png "It Only Takes Six Minutes to Reveal Your iPhone Passwords [Video]")
It Only Takes Six Minutes to Reveal Your iPhone Passwords [Video]
Posted February 10, 2011 at 12:33pm by iClarified
Researchers at the German Fraunhofer Institute for Secure Information Technology have demonstrated that it only takes six minutes to reveal the passwords stored in your iPhone keychain, reports PCWorld.
The researchers jailbreak the device then install SSH. They then copy a keychain access script to the phone. The script uses system functions to access entries in the keychain and outputs the details to the attacker.
The attack works because the cryptographic key on current iOS devices is based on material available within the device and is independent of the passcode, the researchers said. This means attackers with access to the phone can create the key from the phone in their possession without having to hack the encrypted and secret passcode.
"As soon as attackers are in the possession of an iPhone or iPad and have removed the device's SIM card, they can get a hold of e-mail passwords and access codes to corporate VPNs and WLANs as well," said the researchers in a statement. "Control of an e-mail account allows the attacker to acquire even more additional passwords: For many web services such as social networks the attacker only has to request a password reset."
This type of attack could be prevented by remotely wiping a lost or stolen device using Find My iPhone.
You can see the attack being demonstrated in the video below...
Read More [via PCWorld]
The researchers jailbreak the device then install SSH. They then copy a keychain access script to the phone. The script uses system functions to access entries in the keychain and outputs the details to the attacker.
The attack works because the cryptographic key on current iOS devices is based on material available within the device and is independent of the passcode, the researchers said. This means attackers with access to the phone can create the key from the phone in their possession without having to hack the encrypted and secret passcode.
"As soon as attackers are in the possession of an iPhone or iPad and have removed the device's SIM card, they can get a hold of e-mail passwords and access codes to corporate VPNs and WLANs as well," said the researchers in a statement. "Control of an e-mail account allows the attacker to acquire even more additional passwords: For many web services such as social networks the attacker only has to request a password reset."
This type of attack could be prevented by remotely wiping a lost or stolen device using Find My iPhone.
You can see the attack being demonstrated in the video below...
Read More [via PCWorld]
![Apple Shares Official Trailer for Season 2 of 'The Buccaneers' [Video]](/images/news/97414/97414/97414-160.jpg "Apple Shares Official Trailer for Season 2 of 'The Buccaneers' [Video]")
![Apple Accelerates Smart Glasses for 2026, Cancels Watch With Camera [Report]](/images/news/97408/97408/97408-160.jpg "Apple Accelerates Smart Glasses for 2026, Cancels Watch With Camera [Report]")
![Anthropic Unveils Claude 4 Models That Could Power Apple Xcode AI Assistant [Video]](/images/news/97407/97407/97407-160.jpg "Anthropic Unveils Claude 4 Models That Could Power Apple Xcode AI Assistant [Video]")
![Sonos Move 2 On Sale for 25% Off [Deal]](/images/news/97355/97355/97355-160.jpg "Sonos Move 2 On Sale for 25% Off [Deal]")
![Apple M4 MacBook Air Hits New All-Time Low of $824 [Deal]](/images/news/97288/97288/97288-160.jpg "Apple M4 MacBook Air Hits New All-Time Low of $824 [Deal]")
![Apple M4 iMac Drops to New All-Time Low Price of $1059 [Deal]](/images/news/97281/97281/97281-160.jpg "Apple M4 iMac Drops to New All-Time Low Price of $1059 [Deal]")
![Beats Studio Buds + On Sale for $99.95 [Lowest Price Ever]](/images/news/96983/96983/96983-160.jpg "Beats Studio Buds + On Sale for $99.95 [Lowest Price Ever]")
![Beats Studio Pro Wireless Headphones Now Just $169.95 - Save 51%! [Deal]](/images/news/97258/97258/97258-160.jpg "Beats Studio Pro Wireless Headphones Now Just $169.95 - Save 51%! [Deal]")
