You can view the page at https://filesharingtalk.com/content/7...in-six-minutes
You can view the page at https://filesharingtalk.com/content/7...in-six-minutes
jeez. another epic security fail. thats even worse than sonys fail.
This works because while your passwords are stored encrypted on the device, they're decrypted by a key stored on the device itself... not your passcode. This is what allows you to receive emails, notifications, etc, while the phone is locked.
While this is a fail, pretty much any security can be compromised once you have physical access to the machine. Physical security is one of the most important aspects of any technical security. Plus I wasn't aware that jailbreaking installs openssh by default (which is what appears to be exploited here), so idk.
Anyone who's already jailbroken their phone is immune to this attack assuming you've changed both the root password and the password for the "mobile" account.
Bookmarks