Bypassing Passcode and Backup Encryption:
Forensic Recovery of Raw Disk:
What Data Can You Steal From an iPhone in 2 Minutes?
These YouTube videos demonsrate just how easy it is to bypass the passcode and backup encryption in an iPhone 3G[s] within only a couple of minutes’ time. A second video shows how easily tools can pull an unencrypted raw disk image from the device. The seriousness of the iPhone 3G[s]’ vulnerabilities may make enterprises and government agencies think twice before allowing these devices to contain confidential data. Apple has been alerted to and aware of these vulnerabilities for many years, across all three models of iPhone, but has failed to address them.
The 3G[s] has penetrated the government/military markets as well as top fortune-100s, possibly under the misleading marketing term “hardware encryption”, which many have taken at face value. Serious vulnerabilities such as these threaten to put our country’s national security at risk. Apple’s only fix thus far has been to consistently put a few nails on the front door, but they have thus far failed to fix the major underlying design issues that allow for this threat. Unfortunately, the only way Apple seems to listen is through addressing such problems publicly, as all previous attempts to talk with them have failed. I sincerely hope they fix these issues before a breach occurs.
The National Center for Missing and Exploited Children and I have been building a revolutionary new tool. The iPhone AMBER Alert System is now available in the App Store FREE and not only provides up-to-the-minute detailed information on all AMBER Alerts, but revolutionizes the way that sightings are processed. By using the iPhone’s GPS, we’re able to feed this data into a GIS system and build any number of geoanalytical models to identify multiple credible sightings within a given radius. This information is relayed directly to the NCMEC hotline where it is processed and disseminated to the appropriate law enforcement agency. The first version of AMBER Alert sends this data through email, but a private API is in the works, opening the door for taking photographs of sightings for visual confirmation and further improving response times. All of this is made available, of course, at no cost, and is a free download.
I recently did a talk at O’Reilly’s Ignite Boston party about the exciting iPhone forensics community emerging in law enforcement circles. With all of the excitement came shame, however; not for me, but for everyone in the audience who had bought an iPhone and put something otherwise embarrassing or private on it. Very few people, it seemed, were fully aware of just how much personal data the iPhone retains, in spite of the fact that Apple has known about it for quite some time. In spite of the impressive quantities of beer that get drunk at Tommy Doyle’s, I was surprised to find that many people were sober enough to turn their epiphany about privacy into a discussion about full disclosure. This has been a hot topic in the iPhone development community lately, and I have spent much time pleading with the different camps to return to embracing the practice of full disclosure.
Continue reading “Full Disclosure and Why Vendors Hate it”
The MIT Spam Conference concluded today with some great talks by various researchers in the field. I was particular sorry that I arrived late to miss Kathy Liszka’s talk on “Neural Networks for Image Spam”, as the tail end of it appeared very good. One thing I did notice that was quite refreshing about this year’s conference was that there were a few fresh faces, like Kathy, who were very passionate and enthusiastic about the subjects they were talking about, having an almost child-like giddiness (as in a “candy store” sort of way) zeal for what they were working on. It’s very hard to find people who have been in the field who still consider it that exciting, and these are the ones from whom the best technology typically emerges.
I was also honored with the award for “best overall paper” for the 2008 conference, which is available for download here, and is titled “Reasoning-Based Adaptive Parsing”. The presentation will be available on the conference website shortly. I’m glad people were so inspired by it. Hopefully, I provided enough of a solid level of technical content to help people realize that not all enterprise corporations are evil, secretive empires who engage academic conferences with brand whoredom on their mind.
The Spam Conference appears to be turning over a new leaf and returning to the academic field. Now that they’ve switched the cameras off and gotten rid of the press, the conference is beginning to feel like a true classroom experience once again. The “workshops”, which are really round-table type discussions, were intriguing, and the vendor whoredom was kept to a minimum. In addition to this, the first day of the conference was in a relatively small classroom, allowing for a more personal feel. I look forward to seeing how next year’s goes – hopefully it will continue in this direction.
Last night marked a unique event in history. The Apple Store in Cambridge MA allowed me to come in through the front door and deliver a keynote to some 200+ people as they hosted the Mobile Monday Boston conference. In spite of the sheer chaos of fitting so many people into such a small store, and the generally poor acoustics of a mall, what the conference lacked in elegance was quickly made up for in quality of content.
Continue reading “Tales From the Apple Store”
It looks like I missed the 1960s, but I’ve read that there were plenty of free drugs and free sex to go around. One thing that apparently wasn’t free, though, was telephone equipment. And behind all of the groovy things to do back then, the one thing nerds seemed to be more into than panty raids was having fun with the telephone networks. The digital telephone network was brand new, and so consumer ignorance was at an all-time high. This made for easy profiting – AT&T had made a killing by charging their customers not only for telephone service, but to pay usage and equipment rental fees for telephones, answering machines, and anything else you wanted to plug into your phone jack.
Continue reading “The Ethics of Hacking”
File Vault is the encryption mechanism used to protect user accounts on Apple’s Mac OS X file system. While disabled by default, many people rely on file vault to protect their personal data. Many criminals, no doubt, also use file vault to encrypt content that would otherwise be incriminating. The security offered by an encrypted volume comes at a price – Apple’s closed source approach has left a significant amount of ambiguity about how the system actually works, and many erroneous assumptions have left holes for data to be recoverable. Among these misconceptions are the idea that raw data inside a vault cannot be accessed, and the erroneous belief that mechanisms such as Apple’s free space wipe will remove deleted data. This brief how-to shows you how to obtain a raw disk image from a file vault, and illustrates that deleted data can be recovered. It also shows that mechanisms like Disk Utility’s “Erase Free Space” option doesn’t affect the deleted contents inside a vault.
Continue reading “File Vault’s Dirty Little Secrets”
Countless sermons have been preached instructing people to give, and God will let you have the car you want, the house you want, and the life you want. Amusingly, my web logs indicate that this essay is found frequently by pastors Googling for prosperity sermons to preach on Sunday. It seems strange, though, that a people who profess to follow Christ are so anxious to convince the church that God wants them to be rich, when the Bible teaches no such thing – God has promised us no such prosperity, but only trials, tribulation, and possibly martyrdom. James teaches us that there’s something profoundly wrong with a miser, treating the notion of being rich as a sign of poor character in their lack of generosity. So are pastors just in error, wanting to see their congregation blessed in this consumer driven American culture, or are they preaching up promises of breakthroughs and finances because they know they’ll reap some of the benefits? In either case, Christians shouldn’t be so naive, given the role model we have in Jesus’ life.
Continue reading “The Fallacy of the Prosperity Sermon”
DISCLAIMER: Do your own research. I make no claims as to the accuracy of this information.
There’s something about the technology that causes investors to suffer massive brain anneurisms when placing trades. I’ve watched (and occasionally cashed in) as mindless fools throw their money aimlessly into the wind rather than take the time to understand and invest in good technology. It begins with hysteria, and most tech investors have it in spades. This rises from the effectiveness of a company’s marketing department to engender initial hype that investors believe will translate into consumer enthusiasm. The good products succeed, but the rest typically dwindle within the first few weeks of hitting the market.
Continue reading “Why Investors Suck at Tech”
Since the beginning of the early church, men have fought hard against the simplistic and servant-oriented church blueprint installed by the apostles. From the earliest days of the church, she has been plagued by power plays and factions, all attempting to use the church as a means of political, social, or economic power. Over a short period of about a century, Biblical church government had been abused, challenged, and eventually deposed.
Continue reading “Hijacking God”
I’ve spent many late evenings over the past month translating and researching an intriguing early Christian manuscript called the Didache. Greek for teaching, this first century Greek manuscript reveals the life and heart of the early Church. It has been the center of much academic interest and controversy since its rediscovery in 1883. Prior to this, it was once thought lost to history, although many early church fathers including Athanasius, Rufinus, and John of Damascas cited the book as inspired scripture. It was also accepted into the Apostolic Constitutions Canon 85 and the 81-book Ethiopic Canon. Many early church fathers including Barnabas, Irenaeus, Clement of Alexandria, and Origen either quote or reference the Didache.
Continue reading “Restoring the Beauty of the Didache”
A friend of mine proceeded half way home with lunch in hand after being delayed four minutes by an old, senile man who insisted upon checking his sandwich order. Shortly thereafter, she realized that her own turkey sandwich lacked an all-important ingredient – namely the turkey. They say that it’s counterproductive to turn back once you pass the halfway-home marker, and so she did what any other ordinary American would do – Continue reading “Embracing Senility”