Security: iOS lock codes

nigelmnigelm Junior Member
edited March 2012 in Lounge
One question raised (for me) by the recent blog post The ABCs of XRY: Not so simple passcodes was does the described technique work if you have Erase Data set in your passcode settings (presuming they don't hit gold on the first 10 guesses)?

I realise that this setting gives someone a very easy DOS type attack - 2 minutes with your phone (locked) and I can create a ton of work for you putting it back to normal (and presumably make it untraceable by the apple fine your iphone tools).

Nigel.

Comments

  • jpgoldbergjpgoldberg Agile Customer Care

    Team Member
    edited April 2012
    Hi Nigel! That is a very good question.

    The attack of the sort used by XRY gets beneath the software that would keep that count of attempts, so "Erase after N failed attempts" does not protect against this kind of attack.

    You are absolutely correct that if you do set "Erase after N failed attempts" someone could maliciously or accidentally destroy the data on your phone. This is why I don't particularly recommend it. Accidental erasure could come from a child playing with the phone or from the owner of another iPhone who thought they were working on their own.

    Find My iPhone can help you if your phone is taken by naive criminals, who wouldn't be using these kinds of cracking tools, but even a moderately sophisticated criminal will remove the SIM card, thus making the device untraceable. Removing the SIM card will also get around "Remote Wipe" as well.

    It's actually for reasons like this that we never built in such features into 1Password; they don't add much additional security against sophisticated attackers, but they do dramatically increase the chance that someone will accidentally lose their data.

    Cheers,


    -j
  • jpgoldbergjpgoldberg Agile Customer Care

    Team Member
    Oops! I meant to say, [font=helvetica, arial, sans-serif]"'Erase after N failed attempts' does not protect against this kind of attack."[/font]
  • Thanks! Exactly what I was wondering too.
  • khadkhad Social Choreographer

    Team Member
    On behalf of Jeff, you are quite welcome! :-)

    If we can be of further assistance, please let us know. We are always here to help!
  • edited April 2012
    Hey - one more question. Any update on this http://9to5mac.com/2012/04/02/xrys-two-minute-iphone-passcode-exploit-debunked/ and that A5 and newer devices don't have this exploit? I imagine you would still recommend keeping a non-simple passcode on iOS devices. But can you corroborate that this exploit isn't possible on newer devices?
  • jpgoldbergjpgoldberg Agile Customer Care

    Team Member
    Thanks jesselperry2!

    I had been suspicious about the device choices in their demos, so I am not at all surprised by the results of a careful, hands-on, analysis.

    But we need to remember that XRY isn't the only forensics tool out there, and rootkits that run on newer model hardware may appear any day. So I consider the advice for a longer passcode still very meaningful.

    I should also note that Micro Systemation have removed their demo video from YouTube. I also note that they are a UK based company. And while we are talking about the UK, let me mention some entirely random and irrelevant trivia I learned when living there. The Great Ouse flows slowly, but it does not, in fact, ooze. The UK has much tougher advertising standards laws than the US does.

    Cheers,


    -j

    –-
    Jeffrey Goldberg
    Chief Defender Against the Dark Arts @ AgileBits
    http://agilebits.com
  • Thanks for bringing upt the erase-data option. I was wondering about that too.
  • jpgoldbergjpgoldberg Agile Customer Care

    Team Member
    You are very welcome. I suspect that these (pretty much useless) remote wipe features are the consequence of business requirements. Some organizations won't let their people store any business data on a device that doesn't meet a checklist of features. Some items on the checklist haven't been properly thought through.

    Cheers,

    -j
This discussion has been closed.