Results 1 to 6 of 6

With Apple pushing harder and harder to get the iPhone a foothold in the business ... Apple iPhone News forum

  1. #1
    MStrawder's Avatar
    MStrawder no está en línea Stack Pro
    Join Date
    Jul 2008
    PIN/ID
    Ask
    Posts
    1,825

    iPhone Cryptography Lacking

    Advertisement



    With Apple pushing harder and harder to get the iPhone a foothold in the business market, it seems that one of the most important considerations would be device security. Just think of all the emails and phone numbers floating around on the devices of some of the top executives today, containing new ideas, internal memos, and who knows, maybe your name, address, and phone number. However, according to one industry tech, the encryption method in the new iPhone 3GS is no better then previous versions of the device and is "useless for businesses".

    Jonathan Zdziarski, an app developer and proclaimed 'hacker', was quoted as saying, "I don’t think any of us [developers] have ever seen encryption implemented so poorly before, which is why it’s hard to describe why it’s such a big threat to security." and "It is kind of like storing all your secret messages right next to the secret decoder ring.". He even goes into detail as to how fast the data could be extracted.

    Full article here..
    "Our greatest fear is not that we are inadequate, but that we are powerful beyond measure" ~ Marianne Williamson
    Current OS list by device
    How to upgrade your OS

  2. #2
    srl7741's Avatar
    srl7741 no está en línea Stack Professional
    Join Date
    May 2006
    PIN/ID
    Retired
    Posts
    6,359
    A good read thanks. I love reading these articles. There are so many factors I would not even know where to begin on the topic of cell phone security. The last line should sum it up for most users.

    “We’re going to have to go with the old imperative of ‘Trust no one,’” he said. “And unfortunately part of that is, don’t trust Apple.”

    Let's not forget it's a small mobile device which can walk off at any moment. My wallet and keys also are similar in they contain items I would not want others to have access to and could be used in the same way.

  3. #3
    zipporic's Avatar
    zipporic no está en línea Stack level 2
    Join Date
    Sep 2008
    PIN/ID
    24B606F3
    Posts
    67
    Good article but it just proves an already understood fact - apple was never taken seriously as a business company especially when it comes to security. All of apples products are built on the premise of openness, anyone can connect, access and utilize things that apple makes. Good if you're running a fun house - bad if you are serious about your privacy. I really hope it was never assumed that the iPhone was a serious business device, it is for fun only (an iTouch you can talk on, wait, iTouch has an app for that). I'd get it for music and video - not for emails and credit card numbers.

  4. #4
    srl7741's Avatar
    srl7741 no está en línea Stack Professional
    Join Date
    May 2006
    PIN/ID
    Retired
    Posts
    6,359
    I hope you realize what he did can also be done with any other phone using different tools (software) a PC and the correct cords. It's not intended to pit anyone against but rather shed light on concerns people may not know about. He does a great job with this type of stuff. I'm glad he is vigilant and stays on top of these things for everyone. I've never done work on an iPhone but have on hundreds of BB's. That's why I mentioned our Wallets and keys. Items like this are inherently not secure for many reasons.
    Actually when I first began looking at the article I was hoping for information on the other side like how to intercept data being sent or what happens after we select send etc.
    I recall setting in a class one day not long ago and the Key Note speaker began talking about cell phone security (about 300 people) and at the same time 25 cell phone began ringing. The Speaker was making the phones ring. He was pointing out how easy it was as he displayed the names of the people on the big screen. My jaw hit the floor. I shut done my Pearl and pulled the battery and paid close attention.


  5. #5
    MStrawder's Avatar
    MStrawder no está en línea Stack Pro
    Join Date
    Jul 2008
    PIN/ID
    Ask
    Posts
    1,825
    Quote Originally Posted by srl7741 View Post
    I hope you realize what he did can also be done with any other phone using different tools (software) a PC and the correct cords. It's not intended to pit anyone against but rather shed light on concerns people may not know about. He does a great job with this type of stuff. I'm glad he is vigilant and stays on top of these things for everyone. I've never done work on an iPhone but have on hundreds of BB's. That's why I mentioned our Wallets and keys. Items like this are inherently not secure for many reasons.
    Actually when I first began looking at the article I was hoping for information on the other side like how to intercept data being sent or what happens after we select send etc.
    I recall setting in a class one day not long ago and the Key Note speaker began talking about cell phone security (about 300 people) and at the same time 25 cell phone began ringing. The Speaker was making the phones ring. He was pointing out how easy it was as he displayed the names of the people on the big screen. My jaw hit the floor. I shut done my Pearl and pulled the battery and paid close attention.

    Wow. Now that is a class I would love to have been involved in. We do tend to take device security for granted and articles like that are a constant reminder of just how much trust we put into our devices to store very personal information.
    "Our greatest fear is not that we are inadequate, but that we are powerful beyond measure" ~ Marianne Williamson
    Current OS list by device
    How to upgrade your OS

  6. #6
    pjenney58's Avatar
    pjenney58 no está en línea Stack level 1
    Join Date
    Aug 2009
    Posts
    1

    Question What's missing

    I'm interested in opinions/guidance the the area of iPhone security and what it really means to implement cryptography on them for the corporate world. Any thoughts?

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •