![It Only Takes Six Minutes to Reveal Your iPhone Passwords [Video]](/images/news/13854/47714/47714-64.png "It Only Takes Six Minutes to Reveal Your iPhone Passwords [Video]")
It Only Takes Six Minutes to Reveal Your iPhone Passwords [Video]
Posted February 10, 2011 at 12:33pm by
Shalom Levytam
Researchers at the German Fraunhofer Institute for Secure Information Technology have demonstrated that it only takes six minutes to reveal the passwords stored in your iPhone keychain, reports PCWorld.
The researchers jailbreak the device then install SSH. They then copy a keychain access script to the phone. The script uses system functions to access entries in the keychain and outputs the details to the attacker.
The attack works because the cryptographic key on current iOS devices is based on material available within the device and is independent of the passcode, the researchers said. This means attackers with access to the phone can create the key from the phone in their possession without having to hack the encrypted and secret passcode.
"As soon as attackers are in the possession of an iPhone or iPad and have removed the device's SIM card, they can get a hold of e-mail passwords and access codes to corporate VPNs and WLANs as well," said the researchers in a statement. "Control of an e-mail account allows the attacker to acquire even more additional passwords: For many web services such as social networks the attacker only has to request a password reset."
This type of attack could be prevented by remotely wiping a lost or stolen device using Find My iPhone.
You can see the attack being demonstrated in the video below...
Read More [via PCWorld]
The researchers jailbreak the device then install SSH. They then copy a keychain access script to the phone. The script uses system functions to access entries in the keychain and outputs the details to the attacker.
The attack works because the cryptographic key on current iOS devices is based on material available within the device and is independent of the passcode, the researchers said. This means attackers with access to the phone can create the key from the phone in their possession without having to hack the encrypted and secret passcode.
"As soon as attackers are in the possession of an iPhone or iPad and have removed the device's SIM card, they can get a hold of e-mail passwords and access codes to corporate VPNs and WLANs as well," said the researchers in a statement. "Control of an e-mail account allows the attacker to acquire even more additional passwords: For many web services such as social networks the attacker only has to request a password reset."
This type of attack could be prevented by remotely wiping a lost or stolen device using Find My iPhone.
You can see the attack being demonstrated in the video below...
Read More [via PCWorld]
![Low-Cost MacBook Colors Were Originally Planned for M2 MacBook Air [Rumor]](/images/news/99984/99984/99984-160.jpg "Low-Cost MacBook Colors Were Originally Planned for M2 MacBook Air [Rumor]")
![Apple Seeds Xcode 26.3 RC 2 With Claude 4.6 Support [Download]](/images/news/99980/99980/99980-160.jpg "Apple Seeds Xcode 26.3 RC 2 With Claude 4.6 Support [Download]")
![Apple Watch Series 11 Now $299, 46mm Model Also at Record Low [Deal]](/images/news/99986/99986/99986-160.jpg "Apple Watch Series 11 Now $299, 46mm Model Also at Record Low [Deal]")
![Expired: Save $900 on Apple's 11-Inch M4 iPad Pro 2TB With Nano-Texture Glass [Deal]](/images/news/99982/99982/99982-160.jpg "Expired: Save $900 on Apple's 11-Inch M4 iPad Pro 2TB With Nano-Texture Glass [Deal]")
![11-Inch M5 iPad Pro Hits New All-Time Low at $799.91 [Deal]](/images/news/99962/99962/99962-160.jpg "11-Inch M5 iPad Pro Hits New All-Time Low at $799.91 [Deal]")
![11-inch M5 iPad Pro (1TB) Drops to All-Time Low of $1,449 [Deal]](/images/news/99924/99924/99924-160.jpg "11-inch M5 iPad Pro (1TB) Drops to All-Time Low of $1,449 [Deal]")
![Original AirTag Drops to All-Time Low Price of $17 [Deal]](/images/news/99856/99856/99856-160.jpg "Original AirTag Drops to All-Time Low Price of $17 [Deal]")
