Hackers start picking iPhone's locks

By

Retrieval of cryptic password could one day allow for the installation of custom applications.

Hackers start picking iPhone's locks
Security researchers have begun efforts to crack open the newly launched iPhone and its underlying software components in hopes of ultimately being able to "unlock" protections on the device and run custom software.

Less than three full days after the first iPhones went on sale, researchers had taken the first step towards unlocking the device.

Eric Tews, a cryptography student at the Technical University of Darmstadt in Germany reported on the Full Disclosure mailing list that through an analysis of the iPhone's disk image, he had succeeded in unearthing two internal passwords labelled "root" and " mobile".

Researchers are not entirely sure yet of what the two passwords do, nor are they certain that the passwords are the same for every iPhone.

"In general the passwords appear to be part of the underlying OSX / Unix based system that makes the phone work," independent security researcher Kevin Finisterre told vnunet.com.

Finisterre theorised that programs may use the passwords to gain access to the iPhone's components.

Developers could possibly use those credentials to communicate with for instance communicate with the iPhone's cellular radio and receive feedback from the touch screen.

Security researcher Tom Ferris explained that the work being done on the Full Disclosure list is " definitely the first step," and pointed out that there is still plenty of hacking to be done before anybody other than Apple will be able to install programs on to the iPhone.

"They don't have the keys to the kingdom yet," Ferris told vnunet.com.

Ferris noted that while the researchers have been able to open up the iPhone's software and find such things as caller-id information, they have yet to gain the ability to write and execute code on the iPhone, leaving the two passwords of little use at the moment.

"But once they're able to break out of that sandbox," said Ferris, "it's game over."
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Victoria's Secret pulls down website amid security incident

Victoria's Secret pulls down website amid security incident

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Log In

  |  Forgot your password?