Main || Free Classifieds || Games || News || Articles || Forums || Advertise With Us || Link To Us || About Us || Contact || Site Help  

Today Is...
 

The Technology Review
With Dave G.

Dave has been into computers and electronic gadgets for most of his life. When it comes to technology, Dave knows the latest and greatest. Seeing technology evolve over the past quarter century, Dave has seen how important tech has become in our everyday lives. He reviews tech from being in the IT field for almost 20+ years so if you disagree with him, your opinion must be wrong.

ARTICLE OF THE WEEK


Monday, June 7th, 2010
Author: Dave G, Technology Specialist

iPhone’s Latest Security Flaw 

Sarah Jacobsson - http://www.msnbc.msn.com/id/37400086/ns/technology_and_science-security/


“Using a four-digit PIN to lock your iPhone doesn't really protect your data, security and IT blogger Bernd Marienfeldt has discovered. In an article describing the iPhone's business security framework, Marienfeldt has found a "data protection vulnerability" in Apple's iPhone 3GS.”

Of course the iPhone has security flaws. It’s just like the Mac or any other OS. Nothing is really immune from attack. People think that because Apple devices don’t get a lot of viruses that it’s more secure. Those people need to wake up. Apple is actually less secure than a Linux or Windows based machine. It has been proven time and again to be the least secure OS out there. Think of it like this- the shed in my backyard has a very simple lock on it and probably could be broken with a hammer. The average bank, on the other hand, usually has alarm systems, locks, guards, cameras all in place in order to keep its contents safe. If I said to you that my shed is more secure than any bank because it has never been broken into you would probably laugh at me.

“Basically, he said, plugging an up-to-date, non jail-broken, PIN-protected iPhone (powered off) into a computer running Ubuntu Lucid Lynx will allow the people to see practically all of the user's data — including music, photos, videos, podcasts, voice recordings, Google safe browsing databases, and game contents. The "hacker" has read/write access to the iPhone, and the hack leaves no trace.”

For those of you that don't know, Ubuntu Lucid Lynx is a freely-download-able OS that does not even require you to install it. It can be run in a "live" mode right from a CD on almost any computer. You don't even need to be a "hacker" to perform this hack.

“This hack is especially scary because it could allow full write access, and full write access could potentially lead to the attacker being able to make phone calls (as far as we know, the attacker can access all of your data but they can't make any phone calls … how reassuring). Marienfeldt points out that this is especially an issue for corporate/business users, who "rely on the expectation that their iPhone 3GS’s whole content is protected by encryption with a passcode based authentication in place to unlock it."

I'm sure that it's only a matter of time before someone figures out how to make phone calls with this hack. It's also no surprise to
me that Apple has been notified of the flaw, but has yet to correct it (or give a timeline for a patch).

Yours Truly,
- Dave G.
Author, The Tech Review
publishing@lieconomy.com


[Recent Articles] | [Archived Articles]

Comments

madwest
07 Jun 2010, 21:30
problem? what problem? hey just buy a new iphone, it'll be OK.
Shanewmn
08 Jun 2010, 05:05
Very insightful article....I can't imagine why anyone would buy and iphone!
Jeff
08 Jun 2010, 14:00
Good article! I like the "shed" analogy. I'm gonna have to use that one...
Roy
09 Jun 2010, 16:08
"Your Opinion Must Be Wrong"-That is classic Dave! Great Article-The i-phone Blows!
VLocke
19 Jun 2010, 23:02
I hear the flaw even exists on the new iphone as well. FAIL!
VS Dude
12 Jul 2010, 13:37
With a MobileMe account, if you lost your iPhone, you could easily locate it, lock it, or wipe it of all data remotely. Show me another phone with that capability and I'll buy it.
Josh
12 Jul 2010, 13:48
I can do that with a free app on my Android phone. Also Blackberry is comming out with that very soon from what I hear. Plus, if you lost your iphone 4, someone would just have to hold it and you couldn't remotely do squat.
ZEE
15 Jul 2010, 19:49
You guys are idiots. grow up.
AS147
27 Jul 2010, 08:55
You can also do that with the Microsoft Mobile service for Windows Mobile and its FREE!
Apples and Oranges
09 Sep 2010, 09:56
Please compare the iPhone to some other mobile phone, not to a desktop OS.

Any device can be pwned when you have physical access (that includes desktops). I used Ubuntu [Linux] Live CD's to get into Windows machines all the time.

This is FUD.

FYI [non-Fanboi alert]
I still own a RAZR V3 and am only now going to get an iPod touch -- not an AT&T iPhone.

For a second there, I thought you were giving me some helpful information due to this clown over here http://www.computerworld.com/comments/node/9184141#comment-631204
Cudaboy
04 Oct 2010, 17:56
Get off the crack Dave. I dare you to send me ANY thing you think will mess up my Mac. Go ahead, I'll wait. Simple truth is in 30 years of Mac use I've never had a single virus/trojan horse or anything.
Furthermore, I don't know anyone who ever has had their Mac hacked into.
Just another reason Apple is bigger than Microsloth and is growing even bigger as Microsuck continues to flounder. I didn't think jerks like you still exist.
Dave G
05 Oct 2010, 12:17
Cudaboy, you make me laugh. Just because you never had a virus doesn't mean jack. I never have either. Secondly, you don't know anyone that had their Mac hacked for one of two reasons: You have no friends or the people you know have Linux or Windows. Thw words Apple and growing should not be in the same sentence. What is their market share for computers? Oh yeah 4-5% of the market. (cough-cough...LOSER) The all-mighty iphone is also the minority already. Android has overtaken it in what, a year? If you are so sure that you won't get a virus, post your public and private IP address and turn off your routers firewall. Let's see what happens.
olov
06 Oct 2010, 12:12
Yes lets see.
I have run my mac for 3 years without firewall....
It is on constant attac
But nothing ever had happend.

As always... you get what you pay.
Cars, food, computers, wine EVERYTHING
Greg
14 Oct 2010, 14:18
Dave,

You remove any semblance of intergrity or validity when you resort to name calling and insults. Good job.

Wouldn't necessarily call this supposed "flaw" a hack though, since it doesn't require any actual hacking. A security hole, perhaps, and I'm sure will probably be addressed in a soon to be released software update. Just like when Palm introduced their phones capable of syncing with iTunes, Apple fixed that right away with an iTunes update.

Also don't understand how you can claim without backing it up that Mac OSX is the least secure OS on the market. I would be lead to believe that a system built on top of Unix would be right up there with the most secure. Now, that could also depend on the users knowledge of how to setup user accounts, permissions, firewalls, etc.

I've been a Mac user for over 10 years and have never once been completely screwed over by a "Critical Update" from Apple, much unlike my Windows days when their updates had rendered my PC unusable and unfixable without formatting and starting over on multiple occasions. I've never had a need for any anti-virus application running in continuous parallel with my OS and sucking all of my system resources slowing the whole system down. Just the fact that you would even think that Windows is more secure is just... cute.

I for one have never seen any literature that coincides with your beligerent and baseless statements, and I read... A LOT.

That's also really cute how you are assuming that Android phones have outsold iPhones. I like the concept of Android, but they're too late to the game to be considered a contender. Just like Microsoft with their Windows Phone recently announced. Typical with just about everything, Apple is first to the punch and everyone else is playing catch up. Apple was first to introduce USB, CD burners standard, the mouse, DVD burners standard, a graphical user interface, the App store... The list could go on and on.

Greg
paul
14 Oct 2010, 22:03
greg you dont know what you are talking about... like most apple fan boys...
unix can be as insecure as any other os, unless you configure it properly...
i have macs and support macs, the os is good... but apple as a company is full of crap... their marketing borders on absolute falacy at times... and saying android is too late to the game shows how silly you are...
Greg
15 Oct 2010, 05:21
So just because I believe in a company and their products, I'm a fan boy... and that's a bad thing? I won't apologize for being a fan (nor a boy) of a company that has made my life exponentially more easy than it ever was when I was a PC user. Hate them all you want, but Apple is an innovator, and they are all about the whole experience with their products, right from the feel you get looking at/holding their products, right down to the experience of using their products. First and foremost they are out to create a piece of art, start to finish.

And you're foolish to think that Unix can be "insecure". It's a system that was developed for the government and military and is the foundation of most major corporations that care about their data being online 24/7 and absolutely secure and stable.

My point in saying Android is too late to the game is a fact. In the company I work for that employs over 300 people nationwide, most of which are very tech savvy and are all about having the latest and the best, only 2 of which own Droid phones and about 90% are on iPhones. Why? Because they already own a lot of music, movies, and apps they've purchased through iTunes. Why would they switch platforms and throw all that money away. That's just silly. Oh, not to mention that there is still only a wee fraction of apps available on Droid than there is on the iPhone.

Google took too long to get the software out and it's cost them market share. Again, I like the idea of Android. Heck, I like the idea of Windows Phone (despite it being crap). I like competition, it drives everyone to do bigger, better, cheaper.

Trust me Paul, I know exactly what I'm talking about. Like most Apple flamers, I'm sure you don't in fact have any Macs and have probably never used one at all.
Ray
15 Oct 2010, 07:20
Greg, you really are blind and, dare I say... stupid!

Android is out selling iPhone. Sorry to break it to you. Too late? Nah, just better development. Apple steals ideas constantly.

The challenge stands, post your IP or Shut up!

Your made up "FACTS" are typical.
Dave G
15 Oct 2010, 11:53
If you don't believe me that Apple has the least secure OS, do a quick Google search. Thousands of Security professionals, columnists and hackers back me up.

www.osnews.com/story/20965/IBM_AIX_Most_Secure_Mac_OS_X_Least_Secure_

www.macobserver.com/tmo/article/pwn2own_winner_mac_os_x_is_less_secure_than _windows/

www.engadget.com/2008/03/27/pwn-2-own-over-macbook-air-gets-seized-in-2-min utes-flat/

www.engadget.com/2010/03/25/iphone-sms-database-hacked-in-20-seconds-news-a t-11/

blogs.paretologic.com/malwarediaries/index.php/2010/03/25/charlie-millers-o ne-man-show-at-cansecwest/

www.hackinthebox.org/index.php?name=News&file=article&sid=34902

hothardware.com/News/Macs-Less-Secure-From-Hackers-And-Viruses/

www.daniweb.com/news/story276570.html

As far as the Android/iPhone thing goes, there are reports out there showing that Android is ahead now and the Market grows every day. Sorry but just saying Apple is better doesn't make it so.
Florin
05 Apr 2011, 10:27
What are you all comparing the iphone with here? a full blown PC? Comparing it with a windows phone or android would be more like it.

Just seems like anyone who can't afford one talks trash about it.

Just what do you expect the iphone to do? keep your beer cool and your kids in school?

*Name:
Email:
Notify me about new comments on this page
Hide my email
*Text:
 
By Posting You Are Agreeing To Our TOS
Powered by Scriptsmill Comments Script

Please fill out this form if you wish to contact the author of this column.

Your Name

(**If you wish to remain anonymous please indicate**)

Please give us your e-mail.

(**Email will remain confidential**)

Click in the box below, then type in your special request or question.

 

Main || Free Classifieds || Games || News || Articles || Forums || Advertise With Us || Link To Us || About Us || Contact || Site Help
 


© Long Island Economy. All rights reserved.
| Help!? | Terms Of Service |