Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: iPhone data protection flaw
From: "Thor (Hammer of God)" <Thor () hammerofgod com>
Date: Tue, 18 May 2010 23:19:05 +0000

Actually, no.  It doesn't have to pair to read and write to internal storage.  You only have access to the pictures dir 
and other files they may have put on the "external storage" section, but you can plug it into any system that has 
drivers and access it.

t

-----Original Message-----
From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of 
comex
Sent: Tuesday, May 18, 2010 3:23 PM
To: full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] iPhone data protection flaw

On Mon, May 17, 2010 at 6:28 AM, Bernd Marienfeldt <bernd () linx net> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

I've recently upgraded to Ubuntu Lucid Lynx (10.04 LTS) and been 
surprised by the iPhone 3GS (3.1.3 - 7E18) mounting behavior:

Fully switch off the iPhone 3GS and then connect it to the Lucid Lynx 
PC via USB, the phone turns on and will be automatically mounted 
without any authentication challenge (PIN), allowing read/write access 
to your various local data, e.g. purchases, DCIM, Downloads, Photos, Recordings etc.

I'm not sure how it's done on Linux, but in general the iPhone pairs with computers and refuses to talk to to an 
unpaired computer if there is a passcode lock.  You might only be able to read/write data because you are already 
paired.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]