Posted by: David Harley | June 7, 2010

iPhone leak: is there a little Dutch boy handy?*

The H has reported further on its research into an iPhone problem flagged by Bernd Marienfeldt. The original problem was this: a locked iPhone is supposed to refuse communication with devices to which it hasn’t been formally introduced, but Marienfeldt found that if the phone is accessed while booting, it may nonetheless pair with an unknown device – in that instance a PC running Ubuntu.

Heise’s research, however, indicates that while an encrypted, locked iPhone only discloses music and images,  it’s possible to connect an iPhone with iTunes under Windows, and the H states that connection with a PC running Vista allowed “full system access”, allowing a full backup including plain text passwords. The problem appears to apply to 3G as well as to 3GS devices. However, an update to the article suggests that the vulnerability only exists if the phone is shut down while it’s still unlocked.


ESET Research Fellow
Mac Virus Administrator


  1. […] More here. […]

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.


%d bloggers like this: