Full Disclosure: Re: iPhone data protection flaw

["Thor (Hammer of God)" <Thor () hammerofgod com>]

Actually, no.  It doesn't have to pair to read and write to internal storage.  You only have access to the pictures dir 
and other files they may have put on the "external storage" section, but you can plug it into any system that has 
drivers and access it.

t

-----Original Message-----
From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of 
comex
Sent: Tuesday, May 18, 2010 3:23 PM
To: full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] iPhone data protection flaw

On Mon, May 17, 2010 at 6:28 AM, Bernd Marienfeldt <bernd () linx net> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hello,
>
> I've recently upgraded to Ubuntu Lucid Lynx (10.04 LTS) and been 
> surprised by the iPhone 3GS (3.1.3 - 7E18) mounting behavior:
>
> Fully switch off the iPhone 3GS and then connect it to the Lucid Lynx 
> PC via USB, the phone turns on and will be automatically mounted 
> without any authentication challenge (PIN), allowing read/write access 
> to your various local data, e.g. purchases, DCIM, Downloads, Photos, Recordings etc.
I'm not sure how it's done on Linux, but in general the iPhone pairs with computers and refuses to talk to to an 
unpaired computer if there is a passcode lock.  You might only be able to read/write data because you are already 
paired.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/