Sunday, August 2, 2009
iPhone 3GS versus hackers
Apple’s aim to capture the enterprise market might not actually materialize, claims Jonathan Zdziarski, an iPhone developer and a hacker who teaches forensics courses. Zdziarski has gone on record saying that apple won’t tell you, but the supposed enterprise-friendly encryption included with the iPhone 3GS is so weak it can be cracked in two minutes with a few pieces of freeware. “It is kind of like storing all your secret messages right next to the secret decoder ring,” he said, “I don’t think any of us have ever seen encryption implemented o poorly before, which is why it’s hard to describe why it’s such a big threat to security.” Contrary to Apple’s claim that the new iPhone 3GS is more enterprise-friendly, the new iPhone 3GS encryption feature is ‘broken’ when it comes to protecting sensitive information such as credit card numbers and social-security digits, says Zdziarski. But the poorly implemented security doesn’t seem to be deterring companies from falling for the allure of easy-to-use interface and wealth of applications available for download on iPhone.