For years, people are using a PIN code to keep their mobile data away from people’s eyes. All that is about to change thanks to Bernd Marienfeldt and Jim Herbeck. Engadget reports, that they have discovered a new iPhone OS vulnerability that leaves your data wide open, even when using a PIN
Yes, a PIN will keep casual users from picking up your phone and making a call with it, or firing off an e-mail to your co-workers saying that you’re quitting and becoming an exotic dancer, but it won’t keep someone from accessing all your data. Bernd and fellow security guru Jim Herbeck have discovered that plugging even a fully up-to-date, non-jailbroken iPhone 3GS into a computer running Ubuntu Lucid Lynx allows nearly full read access to the phone’s storage — even when it’s locked. The belief is that they’re just a buffer overflow away from full write access as well, which would surely open the door to making calls. Bernd believes the iPhone’s lack of data encryption for content is a real problem, and also cites the inability to digitally sign e-mails as reasons why the iPhone is still not ready for prime time in the enterprise.