Posted on 06/25/2010 12:17:10 PM PDT by PugetSoundSoldier
Do you have a PIN code on your iPhone? Well, while that might protect you from someone making a call or fiddling with your apps, it doesn’t prevent access to your data … as long as the person doing the snooping around is using Ubuntu “Lucid Lynx” 10.04.
Security experts Bernd Marienfeldt and Jim Herbeck discovered something really interesting when they hooked up a non-jailbroken, fully up-to-date iPhone 3GS to a PC running Lucid Lynx …
I uncovered a data protection vulnerability [9], which I could reproduce on 3 other non jail broken 3GS iPhones (MC 131B, MC132B) with different iPhone OS versions installed (3.1.3-7E18 modem firmware 05.12.01 and version 3.1.2 -7D11, modem 05.11.07) , all PIN code protected which means the vulnerability bypasses authentication for various data where people most likely rely on data protection through encryption and do not expect that authentication is not in place.
(Excerpt) Read more at zdnet.com ...
I suggest reading the article and ignoring the TROLLS.
DO NOT RESPOND TO ANY TROLLISH BEHAVIOR IN THE THREAD. THERE IS A LOT OF IT ALREADY.
You will recognize the names of the trolls
Give them wide berth, and let them have their fun talking among themselves.
If you want on or off the Mac Ping List, Freepmail me.
‘DO NOT RESPOND TO ANY TROLLISH BEHAVIOR IN THE THREAD. THERE IS A LOT OF IT ALREADY.”
Don’t forget your holy water, garlic, cross and rosary. A wooden stake might be handy too.
If you’re ignoring me why do you keep responding?
I have the proof...show me where you CAN do that...the mere fact that you can’t is proof enough.
I know I’ve tried it on my windows mobile 6.5 and I can’t get in.
So if you’re claiming you can, let’s see the proof. Otherwise you’re just spreading FUD.
In this case, it was my comment, and I happened to find this, so let me ease your mind a bit.
I wasn't "attacking" you, I was offering some advice to improve how you might state your position. Let's see...
>> Of course, you hate Apple with an unbridled passion, so it shouldn't surprise me that you take every opportunity to poke at OS-X with a stick, even when it makes you look stupid to do so.
> NOTE: I did not say one derogatory statement about OSX in that entire thread. But right there, the attacks start out.
That was not an attack. I merely said that comparing Win7's rate of sales to OS-X's rate of sales -- in raw number of copies sold -- was inappropriate, and actually weakened your argument. I was offering advice, "Pssstt, don't say that, it makes you look foolish. Say it in a way that works better for you."
>> It's NT6.1. Microsoft is gonna have to throw out the ancient, creaky NT codebase before they can write something that I'd call "slick" from a technical point of view... I gotta ask you, though. Do you write marketing copy for Microsoft? I'm not saying you're a MSFT shill -- I'm just saying you sound like one sometimes
> Again, nothing stated derogatory against any person or anything Apple, but here I'm a shill and the OS is ancient and creaky.
Ummm, Puget, the NT codebase under Win7 *IS* ancient and creaky. It was written in 1992-94. Now, that's not necessarily bad per se (e.g. the design BSD Unix is pretty old too), except that the design of BSD Unix is acknowledged to be very robust, whereas -everybody- admits that the design of NT3.1/3.5/4.0 was extremely weak. Patching a flawed design is not as good as having a solid design from early-on. Microsoft knows this -- that's why they intend to drop the NT codebase as soon as possible. Or didn't you know that?
And I did NOT call you a shill. I merely offered the advice that you tone down a bit of the sales-talk vocabulary because you were sounding like a fanboy. I am sure you want to avoid that, so I passed along a hint.
Personally, if you had written the comments I wrote, directed at me, I would take them as advice, not attacks.
Anyway, sorry you got your feelings hurt. That wasn't the intent.
!
Thanks Swordmaker!
It's unlikely to come up accidentally, but if someone steals your phone with the intention of stealing your information, they have a fairly easy way of doing so. It's the computer equivalent of a car lock -- it'll stop an opportunistic thief, but not a determined one.
Proof?
Does that somehow invalidate the security hole in iPhone? Is the article in error?
I see you pulled the usual Swordmaker trick of putting words in my mouth to suddenly qualify my statement so that you can try to prove your point; I never said what size iPhone, now did I?
But let's just take a look anyway... With a transfer rate of 480 Mbps, you could copy 8 GB in about 20 seconds, and 16 GB in about 40 seconds.
I know I've seen close to that sustained rate with Ubuntu and Win 7; is the iPhone too slow to allow those kinds of transfer rates?
Dayglored,
Your comments really didn’t bother me, one way or another. It’s just that recently zeugma’s taken to constant charges of “evil Mac Trolls start everything!” and given his post was literally just 4-5 after your own charges of hatred and being like a shill, well...
I have nothing personally against you; it’s guys like zeugma and Swordmaker who apparently have some sort of holy crusade for Mac that bother me. Take Swordmaker’s bull-like entry into this thread, immediately charging “well can you prove the other phones don’t have this problem, too?” Never mind it’s about iPhones, and PROVEN to be an issue...
If someone gets physical access to your machine they can also reset via jumpers or simply pulling the battery for 5 minutes. BIOS passwords should *never* be the sole means of security.
Leave the key in your Ferrari, run into Starbucks for ?????, come back and the car is gone. Who knew that could happen.
You are worried about some individual getting access to eMail, when the government already has access to all you communication, text and Mail and Location, guess what they don't need a warrant. Now don't you feel all better.
Leave the key in your Ferrari, run into Starbucks for ?????, come back and the car is gone. Who knew that could happen.
So at the office, you take your phone with you to the bathroom every time? Take your laptop as well?
The article is not in error, it is just not useful, unless you plan giving you iPhone to a hacker that uses Ubuntu. Even a metal Safe is not safe if you let some one have it. Why not worry about all the banks vaults that may be vulnerable.
Disclaimer: Bad example since the Government has assumed many unknown rights concerning your money in banks.
Never used an IPhone huh? Theoretical and real are two different things.
Then why have any security features at all? If your problem is that the Government can do it, so everyone else can do it, then why even run security features? Why not just leave your phone always unlocked and everything in plain text?
The Government also can enter your home, search it, and leave without your approval or even notifying you; thus using your logic I recommend you leave your house unlocked and the front door open.
Not recently, no... What kinds of USB transfer rates does the iPhone support when you mount it as a file device? Ever tried that? Not through iTunes, but direct to Ubuntu...
I know with my HTC WinMo phone I can transfer 200 MB of data in just over a second to my Ubuntu install; extrapolating, that's about 40 seconds for a full 8 GB.
Is the iPhone noticeably slower than that? Or is your caution based on an assumption, since you may not have tested this particular access mode?
Rather, it is not useful to you; do you work in an environment with a mix of OSes, like many of our IT brethren here?
If you're a traveling worker (such as I am, a self-employed technical consultant) who spends lots of time at your various client's offices, are you 100% certain that no one there has an Ubuntu install and would not be interested in the contents of your phone?
Just because a security hole does not apply to your specific situation does not mean it is a non-issue to everyone else.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.