This week's sponsor

The Omni Group

Celebrating 25 years of human-centered productivity!


iPhone Vulnerability Allows Read Access On Ubuntu Lucid Lynx, Even When PIN Locked

So you thought your PIN-protected iPhone was secure enough to keep your friends away from trying to unlock it and call your mom pretending they kidnapped you. I'm sorry folks, you might want to reconsider your mobile security.

It turns out that even when an iPhone is locked with a PIN you can mount it and gain nearly full read access using a computer running Ubuntu Lucid Lynx. As you can read in this in-depth report from Bernd Marienfeldt (found via Engadget), it is possible to access the internal iPhone storage and  access content, which is not encrypted. Also, Bernd believes they're just a step away from gaining full read / write access, which should allow to a) expose data and b) do stuff with your iPhone, like making phone calls to your mom. Oh and yes, this vulnerability works with non-jailbroken devices.

Finally, it seems like Apple is working on a fix but it's not providing us a possible release date:

"Apple could reproduce the described serious issue and believes to understand why this can happen but cannot provide timing or further details on the release of a fix."

We know that Apple is working hard on enhancing the enterprise capabilities of the future iPhone OS 4.0, and I'm sure this will be fixed in the new OS. But until that time, don't trust the friend using Ubuntu. And tell your mom you're safe.

Unlock MacStories Extras

Club MacStories offers exclusive access to extra MacStories content, delivered every week; it's also a way to support us directly.

Club MacStories will help you discover the best apps for your devices and get the most out of your iPhone, iPad, and Mac. Plus, it's made in Italy.

Starting at $5/month, with an annual option available. Join the Club.

A Club MacStories membership includes:

  • MacStories Weekly newsletter, delivered every week on Friday with app collections, tips, iOS workflows, and more;
  • Monthly Log newsletter, delivered once every month with behind-the-scenes stories, app notes, personal journals, and more;
  • Access to occasional giveaways, discounts, and free downloads.