Johns Hopkins University Shares Results of Research on Information Security of Modern Smartphones

The HotHardware portal, with reference to Wired, spoke about the results of a study of information security of modern smartphones, which was carried out by employees of the Johns Hopkins University. Unfortunately, the results are depressing - iOS and Android are not able to provide one hundred percent privacy for their users.

The participants of the project, organized by the university, were able to find out that information from motherboards can be easily read with the help of special tools used by criminologists and law enforcement agencies. This requires the physical presence of a smartphone to be manipulated. However, carrying out such procedures requires special knowledge, and most people in the street do not have such tools for receiving data from encrypted smartphones. By the way, the very encryption of data on smartphones occurs at the time of blocking - to gain access to them, for example, on an iPhone, you must enter a passcode or authenticate using Touch ID or Face ID.

One of the project participants, cryptographer Matthew Green, says: “It really shocked me because when I came to this project, it seemed to me that modern phones perfectly protect user data. Now that I left the project, I realized that this is not so: the government or some agency with the appropriate tools if desired, can receive information from any smartphone."

There are already companies on the market that sell iPhone unlocking devices. GrayShift sells a $ 15,000 Graykey device designed to brute-force a passcode and upload data from an iPhone. These devices are owned by government security agencies. The time to brute force a four-digit password can take several hours, and a six-digit password can take several days. The company also offers its services for unlocking iOS.

Apple later responded to material posted by Wired: “Our company is focused on protecting our users from hackers, thieves, and criminals who want to steal personal information. The types of attacks studied by Johns Hopkins University are costly to carry out and require physical access to the device and are relevant until we fix the vulnerabilities they exploit.”

Apple, by the way, works with security researchers. In December 2020, it became known that Apple began shipping iPhone with an official jailbreak for security researchers as part of a special Security Research Device Program for finding vulnerabilities.

Post a Comment