When Canonical announced that Ubuntu 10.04 would bring native iPod support, what I had in mind was support for Apple's music player as a removable disk. So it would be possible to insert and remove music, videos and other files from it. But two security researchers, Jim Herbeck and Bernd Marienfeldt, found that this support actually reveals a major flaw in devices running the iPhone OS.
The duo ran an experiment to test how secure the company's phone is. Apple. They locked it using a PIN code and connected it via USB to a computer running Ubuntu 10.04 Lucid Lynx. If the device's security was strong enough, it wouldn't allow access to any of the data stored inside it, right? Not this time. The researchers were able to read and copy almost all of the device's content, including music, videos, podcasts, and even photos from the camera.
I tested the fails using a 3rd generation iPod Touch also locked by a PIN code and plugging it into the Live CD of the same Ubuntu version. And I came across the screen below.
Click to enlarge
Aficionados of the company Apple could argue that the iPhones and iPod Touches used in the tests were jailbroken and therefore vulnerable. But it's not the case. Both were with the latest firmware version and did not go through any unlocking or jailbreaking program. Bernd says the real flaw lies in the iPhone's lack of encryption.
So if you have compromising photos on your iPhone and you think using a PIN code is enough to protect yourself from a possible scandal, be afraid. A computer running Ubuntu 10.04 is all anyone needs to wreak havoc.
With information: Engadget.