Notifications

Clear all

iPhone flaw - no PIN required(?)

trewmte · 2010-05-31T18:54:53Z

This is the gist of suggested iPhone flaw I recently read about generated from an upgrade to Ubuntu Lucid Lynx (10.04 LTS) it was noted with the iPhone 3GS (3.1.3 - 7E18) mounting behaviourPower OFF iPhone 3GS and then connect it to the Lucid Lynx PC via USB. The phone turns on and will be automatically mounted without any authentication challenge (PIN), allowing read/write access to your various local data, e.g. purchases, DCIM, Downloads, Photos, Recordings etc.——————The iPhone uses proprietary protocols over USB for file operations, syncing and the like – only real authentication was that the session with lockdownd eventually goes SSL. There is also device pairing but it is really trivial to do and doesn't restrict the computer at all.Lucid Lynx appears to include libimobiledevice, ifuse/gvfs-afc and all the necessary components.Limitation – you're jailed to your Media directory unless jailbroken and connecting to afc2.

Page 2 / 2 Prev

General (Technical, Procedural, Software, Hardware etc.)

Last Post by trewmte 15 years ago

14 Posts

5 Users

0 Reactions

720 Views

RSS

polar

(@polar)

Eminent Member

Joined: 15 years ago

Posts: 48

03/06/2010 3:56 pm

Interesting, so your conclusion is that it is the iPhone infact is the 'cause'?

Mm.

Evidentially then, how would you demonstrate you are not in breach of privacy or directed surveillance requirements? Afterall, the opportunity it might present itself and be suggested the method/treatment infact is being used to avoid legal processes (e.g. no party consent, circumventing digital signatures prior to disclosure and so on) and avoid traceability in doing so?

This isn't so much of a concern in my line of work. I'd be interested to hear your thoughts though.

ReplyQuote

trewmte

(@trewmte)

Noble Member

Joined: 19 years ago

Posts: 1877

Topic starter 04/06/2010 1:09 am

Interesting, so your conclusion is that it is the iPhone infact is the 'cause'?

Mm.

? )

I am smiling because the last time I saw Mm it had many different definitions Polar

http//www.urbandictionary.com/define.php?term=mm

ReplyQuote

polar

(@polar)

Eminent Member

Joined: 15 years ago

Posts: 48

04/06/2010 7:42 pm

? )

I am smiling because the last time I saw Mm it had many different definitions Polar

http//www.urbandictionary.com/define.php?term=mm

And your thoughts on the privacy/surveillance requirements?

ReplyQuote

trewmte

(@trewmte)

Noble Member

Joined: 19 years ago

Posts: 1877

Topic starter 05/06/2010 2:57 pm

And your thoughts on the privacy/surveillance requirements?

It largely depends upon your inhouse practices and procedures and how ambiguously they are written such that staff do not get a straight direction (yes/no, you can/you can not, cause/effect) when reading them.

ReplyQuote

Page 2 / 2 Prev

8 Forums
15.7 K Topics
92.3 K Posts
292 Online
41.1 K Members

Forum Icons: Forum contains no unread posts Forum contains unread posts

Topic Icons: Not Replied Replied Active Hot Sticky Unapproved Solved Private Closed