Two different mobile phone security concerns were revealed today, one for devices using iOS 6.1 and one for Androids. DailyTech has posted text instructions as well as linking to a video which shows how an iPhone 5's password protection can be completely bypassed and allow anyone with physical access to your phone to log into the phone with full access. The second vulnerability, tested with Android 4.0 but possibly wide spread, was discovered by a team at the Friedrich-Alexander University in Germany, and it allows you to recover information from a phone which has used the Android disk encryption. They used both a freezer to drop the temperature of the phone and a trick with the battery which puts the phone into 'fastboot' mode and allows the loading of a custom image via a Linux PC which installs their Forensic Recovery Of Scrambled Telephones tool, aka FROST. As you can see from the images below, that gives you the ability to get the encryption key or even brute force some passwords.
-Go to emergency call, push down the power button and tap cancel.
-Dial 112 and tap green and inmediately red.
-Go to lock screen.
Ok…ready for second part:
-Go to passcode screen.
-Keep pushing down the power button …1…2…3…seconds and before showing the slider "turn off"…tap the emergency call button and …voilá!
-Then without releasing the power button press the home button and ready…"
Here is some more Tech News from around the web:
- Intel's new TV box to point creepy spy camera at YOUR FACE @ The Register
- Toshiba announces a noise cancelling chip @ The Inquirer
- 555-timer charges lead acid batteries @ Hack a Day
- Micron glues DDR4 RAM to flash, animates the 256GB franken-DIMM @ The Register
- Futuremark 3DMark Review @ Neoseeker
- Hacking a Coffee Machine for a Better Brew @ Hack a Day
- Cern shuts down LHC after three years of operations @ The Inquirer
- NVIDIA/AMD OpenGL Benchmarks Of Unigine Valley @ Phoronix
- Win an AverMedia RECentral Live Gamer HD Capture Card @ eTeknix
- Funky Kit Presents: Mod-my-Box™ Spring 2013 – Official Launch