What's new
Apple iPad Forum 🍎

Welcome to the Apple iPad Forum, your one stop source for all things iPad. Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!

iPhone hack reveals passwords in six minutes

f4780y

f4780y

Super Moderator
Staff member
Joined
Sep 11, 2010
Messages
7,113
Reaction score
652
Location
Troon, Scotland
And the moral of the story boys and girls. ALWAYS change your SSH password from "alpine" to something more secure! :D

UPDATE - SEE POST BELOW. MY SUGGESTION ABOVE IS NO PROTECTION AGAINST THIS EXPLOIT (but is still good practice!)
 
Last edited:
Y

y2kgtp

iPF Noob
Joined
Jun 15, 2010
Messages
433
Reaction score
3
One thing to note...these devices were not jail broken yet. The person who obtains the i device does the jailbreak to gain access.
 
f4780y

f4780y

Super Moderator
Staff member
Joined
Sep 11, 2010
Messages
7,113
Reaction score
652
Location
Troon, Scotland
y2kgtp said:
One thing to note...these devices were not jail broken yet. The person who obtains the i device does the jailbreak to gain access.
Click to expand...

Yes indeed. Well reminded. Does being jail broken and secured provide any additional protection to re-jail breaking with redsn0w and installing a package at boot time I wonder? I'm off to experiment...
 
Last edited:
D

Demandarin

iPF Noob
Joined
Jul 26, 2010
Messages
1,247
Reaction score
22
Location
Va
f4780y said:
And the moral of the story boys and girls. ALWAYS change your SSH password from "alpine" to something more secure! :D
Click to expand...

What do u mean? Is ssh something automatically installed when u jailbreak? If so, how do i go about changing the password?
 
f4780y

f4780y

Super Moderator
Staff member
Joined
Sep 11, 2010
Messages
7,113
Reaction score
652
Location
Troon, Scotland
Demandarin said:
f4780y said:
And the moral of the story boys and girls. ALWAYS change your SSH password from "alpine" to something more secure! :D
Click to expand...

What do u mean? Is ssh something automatically installed when u jailbreak? If so, how do i go about changing the password?
Click to expand...

No, it is something that most power users choose to install after the jailbreak, usually via OpenSSH.

Here is a good article about the password issue and how to change it How to Secure your Jailbroken iPhone from SSH Hack | Redmond Pie

However, in relation to this story, the protection I suggested is wrong (but still good general practice). There is no protection from this exploit by changing the password. Redsn0w can be used to install a new bundle with whatever settings the user wants and therefore the only protection against this attack (as was clearly stated in the original article!) is to remotely wipe your iPad using mobileme, or another such service, as soon as you lose it...

This is one of the downsides of having a hardware bootrom exploit (limera1n) which cannot be patched. :)
 
Last edited:
You must log in or register to reply here.

Most reactions

Similar threads

M
iOS 9 Introduces Six-Digit Passcodes to Newer Apple Devices
Replies
1
Views
2K
John903
John903
K
34 new iPhone 5S, iPhone 6 and iPad Mini 2 patents revealed
Replies
0
Views
3K
Kaykaykay
K
Y
wrong password when updating app on my ipad 2
Replies
8
Views
8K
twerppoet
twerppoet
M
  • Locked
Is Zynga poker Hack tool REAL ?
Replies
2
Views
5K
Mickey330
Mickey330
M
Apple’s Self-Driving Car Permit Details Revealed
Replies
0
Views
1K
Maura
M

Latest posts

Top