Researchers steal Iphone passwords in 6 mintues

[cody1889]

Hey guys,

I am new to the community. I was looking for a mac forum and found this one. I was looking for one because I wanted peoples opinion on this video of Iphone passwords being stolen and if I should be worried. I'm a paranoid person so I am probably overreacting. The video is here.. http://www.youtube.com/watch?v=uVGiNAs-QbY&feature=player_embedded .

Thank you

 

[McYukon]

Obviously you have to first loose your iPhone for this to work, and once anything is out off your hands it can be hacked since the biggest security the device has is you.
Because *any* device can be hacked if the hacker is smart enough, has physical control over the device, and lots of time to waste.

So, for the technique in the video to work.
#1 You have to loose your iPhone.
#2 Then it has to fall into the hands of someone who wants to get at your info. Most if the time thieves only want the phone and don't give a hoot what info is on it, so they plug it into iTunes and wipe the phone.
#3 If the thief wants to access the private info, he needs enough brains to know how to code the attack script because I didn't see that they released it.
And even if he doesn't use that method, just guessing passwords may also allow him to access the device if you have a weak password.

 

[cody1889]

Thank you for the help. I feel much better.

 

[MYmacROX]

I saw this article online earlier today. Didn't bother to read it, so forgive me if I'm wrong about this point... but, if you have Find My iPhone (free app) installed and you remotely wipe your iPhone clean as soon as you notice it's gone wouldn't your personal info be safe? I haven't used that feature yet because I haven't lost my iPhone or iPad. But if I ever did, that's the first thing I would do.

 

[McYukon]

Sure, that will defiantly work if you do it before the thief gets access to the the phones data.
Another point to note is that this hack only can get stuff that is stored at the lowest level of the protection classes.

When reading press reports such as the one in PC World about work done by researchers at Fraunhofer Institute for Secure Information Technology it is easy to get the impression that all information stored in the iOS keychains can be acquired by an attacker. But that isn’t true. Only keychain information that is stored in the weakest of “protection classes” is exposed. 1Password uses the strongest protection class, and so your credentials used to automatically sync your data with Dropbox remains secure. This includes your master password on your device, your Dropbox login information, and your master password for your data on Dropbox.
iOS can be hacked! Is my 1Password information safe? | Agile BlogAgile Blog