iOS keychain system crack can expose passwords


I, for one, am all for jailbreaking iOS, as it is my personal belief that a manufacturer should not have the control over your electronics that Apple does on its iDevices. Jailbreaking comes with many benefits and can be done for many legitimate purposes, although unfortunately it doesn’t always end up that way. A team of German researchers at the Fraunhofer Institute for Secure Information Technology have successfully cracked iOS’ keychain system, allowing access to any and all passwords stored on an iDevice provided that it is jailbroken.

All someone would need to get to the passwords stored on your iDevice would be to have it in his possession, to have it jailbroken, and to have SSH installed on it. So, as long as you don’t let your iDevice get into the wrong hands, you have nothing to worry about. However, if you do, you can consider your passwords to everything from your email accounts, WiFi network, voicemail, and more to be compromised. [Ed. Another good reason to have Find My iPhone set up through MobileMe, as you can use it to lock or wipe out your data remotely.]

It will be interesting to see what Apple will do about this, if anything. The only obvious solution on their end would be to put a stop to jailbreaking. However, this is extremely unlikely as they haven’t been able to yet and probably never will be as there are new exploits found in their software and hardware all the time. Let’s hope they take a more realistic approach and try to fix this through a more logical method, as I’m sure that this security exploit (which isn’t even a threat unless you’ve lost your iDevice) will not put a stop to the jailbreaking scene.

You can read the full report (PDF) on this security breach from, and you can watch a video of the exploit in action below.

  • Jonathan Nerdtrek

    You can safeguard your phone by changing your username/password combo.

    By default all iOS devices have:
    username: root
    password: alpine

    If you check out you will find tutorials on how to unlock, jailbreak, and safeguard your iPhone, iPad, or iPod. It is possible to change the password on your device and it's the first thing I do. Once it has been changed the thief CANNOT use SSH to get into your phone unless they know your password (or have a custom program for brute forcing into iOS which I have never heard of). PCs are more susceptible to attack than Macs because all the hackers own Macs! 😛

  • Jonathan Nerdtrek

    After reading this I actually decided to write an article. Here it is: