• Your favorite

    Apple

    ,

    iPhone

    ,

    iPad

    ,

    iOS

    ,
    Jailbreak
    , and
    Cydia
    site.
  • German Researchers Highlight Security Threats of Jailbreaking


    German researchers have come froward with a public warning: If someone steals your iPhone and jailbreaks it, they may be able to retrieve your sensitive passwords. As a result, the "Fraunhofer Institute Secure Information Technology" team has released a new video showcasing the perceived "security threats" posed by jailbreaking, a situation in which an "attacker can retrieve passwords in 6 minutes."

    The video demonstrates a password-locked iPhone tethered to a computer via USB. Following a snappy jailbreak, the hoodlum taps into the device's filesystem and nefariously copies a keychain access script. When executed, the script enables all the passwords stored on the iPhone to be viewed after extraction. This "flawed security design" - which affects all iPhone and iPad devices containing the latest firmware - makes all of the above possible without the need to even unlock a password-protected handset.

    While the video and demonstrated process largely fail to tell our community something it doesn't already know, the discussion itself speaks to a bigger issue. The surplus of recent talk surrounding the security weaknesses of the iPhone and other jailbreaking-related dangers is leading up to the unveiling of the iPhone 5 this summer. The 5th generation iPhone is believed to be deeply vested in ramped-up security features. As a result, some in the jailbreaking community believe that Apple is about to make "doing our thing" exponentially more difficult to do.

    Fraunhofer Institute
    Apple Insider
    This article was originally published in forum thread: German Researchers Highlight Security Threats of Jailbreaking started by Michael Essany View original post
    Comments 81 Comments
    1. iYeow's Avatar
      iYeow -
      Wow, looks risky.
    1. politicalslug's Avatar
      politicalslug -
      German scum! They simply can't be trusted.
    1. Zokunei's Avatar
      Zokunei -
      Quote Originally Posted by politicalslug View Post
      German scum! They simply can't be trusted.
      Unfortunately there may be people that take you seriously if you don't add '/sarcasm'.
    1. Captinsmooth's Avatar
      Captinsmooth -
      Quote Originally Posted by Zokunei View Post
      Unfortunately there may be people that take you seriously if you don't add '/sarcasm'.
      Maybe he was serious.
    1. Zokunei's Avatar
      Zokunei -
      Quote Originally Posted by Captinsmooth View Post
      Maybe he was serious.
      I don't know, some of his past posts have definitely been sarcastic without notation.
    1. Cer0's Avatar
      Cer0 -
      Thought this was a pretty much a "duh" thing. Hence why it is pushed to normal jailbreakers to change the root and mobile passwords.
    1. my1past1is1ur1future's Avatar
      my1past1is1ur1future -
      guys i c alot of comments i just wanna know is there a solution for that?
    1. Cer0's Avatar
      Cer0 -
      At the bottom of Cydia is a guide on how to change your password.
    1. Cokeman's Avatar
      Cokeman -
      How can i use this to save all my wifi passwords, backing up a file & restore it after each upgrade would save me a lot of time.
    1. andypropaganda's Avatar
      andypropaganda -
      Quote Originally Posted by Zokunei View Post
      Unfortunately there may be people that take you seriously if you don't add '/sarcasm'.
      And? So what. People shouldn't be so sensitive.

      As for the article, this is like everyone else said. Not really anything to worry about. This could happen to any device.
    1. Zokunei's Avatar
      Zokunei -
      Quote Originally Posted by andypropaganda View Post
      And? So what. People shouldn't be so sensitive.
      Unfortunately a lot are and there could be some stupid posts back and forth that we have to skip over until the mods have to waste their time cleaning it up.
    1. CaptainChaos's Avatar
      CaptainChaos -
      This should not have been posted. It is very misleading.
    1. Zokunei's Avatar
      Zokunei -
      Quote Originally Posted by CaptainChaos View Post
      This should not have been posted. It is very misleading.
      Especially the title.
    1. CaptainChaos's Avatar
      CaptainChaos -
      Agreed. Where is the "Reasons every iPhone should be jailbroken to make it more secure" thread?
    1. Zokunei's Avatar
      Zokunei -
      I know. Locktopus would be a great addition to that thread. I don't have it though, nor do I have a passcode. I don't have anything on my iPod that I care about locking down really.
    1. DevouredDreams's Avatar
      DevouredDreams -
      funny how they just showed everyone in the world you can get security codes from an iphone, some people didnt know that but not now, and whos ripping off apple the jailbreakers or the **** who just showed how to do it?
    1. CaptainChaos's Avatar
      CaptainChaos -
      Exactly. If you don't put yourself in a position to worry about security then anyone can pick up your phone without you sweating it. This is one of the main reasons I don't have any social networking software, websites.
    1. Zokunei's Avatar
      Zokunei -
      I know. Why don't they just tell the JB devs?
    1. Zokunei's Avatar
      Zokunei -
      Quote Originally Posted by CaptainChaos View Post
      Exactly. If you don't put yourself in a position to worry about security then anyone can pick up your phone without you sweating it. This is one of the main reasons I don't have any social networking software, websites.
      Yeah my twitter uses a fake name (Zokunei Hyaku :P) and my picture isn't on there. Twitter is the only social network I use. My first name isn't even on any sites. I don't even have my name or picture on my iPod (that's not necessarily for security, I just don't happen to)
    1. SwatPac's Avatar
      SwatPac -
      I just let my American time be wasted by German bullsh1t! Damn Germans and your time wasting!