Jonathan Zdziarski's Domain

Bypassing Passcode and Backup Encryption:
    http://www.youtube.com/watch?v=5wS3AMbXRLs

Forensic Recovery of Raw Disk:
    http://www.youtube.com/watch?v=kHdNoKIZUCw

What Data Can You Steal From an iPhone in 2 Minutes?
    http://www.youtube.com/watch?v=34f47m-lYSg

These YouTube videos demonsrate just how easy it is to bypass the passcode and backup encryption in an iPhone 3G[s] within only a couple of minutes’ time. A second video shows how easily tools can pull an unencrypted raw disk image from the device. The seriousness of the iPhone 3G[s]‘ vulnerabilities may make enterprises and government agencies think twice before allowing these devices to contain confidential data. Apple has been alerted to and aware of these vulnerabilities for many years, across all three models of iPhone, but has failed to address them.

The 3G[s] has penetrated the government/military markets as well as top fortune-100s, possibly under the misleading marketing term “hardware encryption”, which many have taken at face value. Serious vulnerabilities such as these threaten to put our country’s national security at risk. Apple’s only fix thus far has been to consistently put a few nails on the front door, but they have thus far failed to fix the major underlying design issues that allow for this threat. Unfortunately, the only way Apple seems to listen is through addressing such problems publicly, as all previous attempts to talk with them have failed. I sincerely hope they fix these issues before a breach occurs.

Law enforcement agencies have the toughest challenge in mobile forensics: not only do they have to get data off the phone of a pedophile, rapist, or murderer, but they have to do it in a forensically sound manner that can be reproduced and explained in a court of law. I have created a new site, iphoneinsecurity.com to make all of my latest research and automated tools to iPhone forensics available to law enforcement agencies. I require that those with access be full time, sworn officers with agencies having arrest and search and seizure powers. A contact address also exists to request access. In addition to the restricted content, many public articles and announcements are also posted by law enforcement officers and other experts in the field, so head on over and check it out.

With buzzwords like, “hardware encryption” and “remote wipe”, many enterprises have been misled into believing that the iPhone 3G[s] is secure enough to store confidential correspondence or other information. Apple is no doubt pushing the enterprise market, but is the iPhone truly secure enough?

While this subject truly warrants a complete white paper, take the following points into consideration. The following apply not only to the iPhone 3G[s], but also to earlier generation devices. Here are the top seven things every enterprise should know about the iPhone:

(more…)

Andrew Hoog, Chief Investigative Officer at Via Forensics, put together a good summation of the available forensics techniques for recovering data from the iPhone. This paper is a few months old, so it doesn’t cover my latest USB method (which is much faster and easier), but he does cite my original method from the book, along with some other useful methods. Depending on what kind of information you want to get, there are different techniques you can use. Andrew has informed me this paper will be updated shortly so keep an eye out for a new edition.