![It Only Takes Six Minutes to Reveal Your iPhone Passwords [Video]](/images/news/13854/47714/47714-64.png "It Only Takes Six Minutes to Reveal Your iPhone Passwords [Video]")
It Only Takes Six Minutes to Reveal Your iPhone Passwords [Video]
Posted February 10, 2011 at 12:33pm by
Shalom Levytam
Researchers at the German Fraunhofer Institute for Secure Information Technology have demonstrated that it only takes six minutes to reveal the passwords stored in your iPhone keychain, reports PCWorld.
The researchers jailbreak the device then install SSH. They then copy a keychain access script to the phone. The script uses system functions to access entries in the keychain and outputs the details to the attacker.
The attack works because the cryptographic key on current iOS devices is based on material available within the device and is independent of the passcode, the researchers said. This means attackers with access to the phone can create the key from the phone in their possession without having to hack the encrypted and secret passcode.
"As soon as attackers are in the possession of an iPhone or iPad and have removed the device's SIM card, they can get a hold of e-mail passwords and access codes to corporate VPNs and WLANs as well," said the researchers in a statement. "Control of an e-mail account allows the attacker to acquire even more additional passwords: For many web services such as social networks the attacker only has to request a password reset."
This type of attack could be prevented by remotely wiping a lost or stolen device using Find My iPhone.
You can see the attack being demonstrated in the video below...
Read More [via PCWorld]
The researchers jailbreak the device then install SSH. They then copy a keychain access script to the phone. The script uses system functions to access entries in the keychain and outputs the details to the attacker.
The attack works because the cryptographic key on current iOS devices is based on material available within the device and is independent of the passcode, the researchers said. This means attackers with access to the phone can create the key from the phone in their possession without having to hack the encrypted and secret passcode.
"As soon as attackers are in the possession of an iPhone or iPad and have removed the device's SIM card, they can get a hold of e-mail passwords and access codes to corporate VPNs and WLANs as well," said the researchers in a statement. "Control of an e-mail account allows the attacker to acquire even more additional passwords: For many web services such as social networks the attacker only has to request a password reset."
This type of attack could be prevented by remotely wiping a lost or stolen device using Find My iPhone.
You can see the attack being demonstrated in the video below...
Read More [via PCWorld]
![Beats Teams Up With IShowSpeed for Kung Fu-Inspired Powerbeats Pro 2 Ad [Video]](/images/news/99367/99367/99367-160.jpg "Beats Teams Up With IShowSpeed for Kung Fu-Inspired Powerbeats Pro 2 Ad [Video]")
![Apple Releases macOS Sequoia 15.7.3 and macOS Sonoma 14.8.3 With Security Fixes [Download]](/images/news/99361/99361/99361-160.jpg "Apple Releases macOS Sequoia 15.7.3 and macOS Sonoma 14.8.3 With Security Fixes [Download]")
![Apple Releases tvOS 26.2 With Guest Profiles That Don't Require an Apple ID [Download]](/images/news/99359/99359/99359-160.jpg "Apple Releases tvOS 26.2 With Guest Profiles That Don't Require an Apple ID [Download]")
![AirPods Pro 3 Hit New All-Time Low of $199! [Deal]](/images/news/99326/99326/99326-160.jpg "AirPods Pro 3 Hit New All-Time Low of $199! [Deal]")
![AirPods Pro 3 Drop Back to Lowest Price Ever of $219.99 [Deal]](/images/news/99303/99303/99303-160.jpg "AirPods Pro 3 Drop Back to Lowest Price Ever of $219.99 [Deal]")
![Apple Watch Series 11 Drops to New All-Time Low of $299 [Deal]](/images/news/99283/99283/99283-160.jpg "Apple Watch Series 11 Drops to New All-Time Low of $299 [Deal]")
![AirPods 4 With ANC Are Still On Sale for Just $99! [Lowest Price Ever]](/images/news/99264/99264/99264-160.jpg "AirPods 4 With ANC Are Still On Sale for Just $99! [Lowest Price Ever]")
![Final Cyber Monday Deals: M4 MacBook Air for $749, Beats, Sonos, and More [List]](/images/news/99203/99203/99203-160.jpg "Final Cyber Monday Deals: M4 MacBook Air for $749, Beats, Sonos, and More [List]")
