Thursday, January 5, 2012

Rolling Back Time Can Expose Locked Photo Albums on iOS 5

iPhone CameraTech consultant and iPhone tinkerer Ade Barkah has discovered a flaw within iOS 5 photo album security that will reveal locked photo albums should the clock on your iPhone be rolled back.

With iOS 5, users can now access the Camera app on a locked phone simply by double-clicking the home button. However, since the phone is still “locked”, you will only have access to whatever pictures you snap during your new session and you won’t be able to access any images stored within the pre-existing photo albums.

How does the iPhone know what images to show you? As Barkah explains, it turns out Apple’s restriction is just a simple filter based on the timestamp when the Camera app was invoked.

So in the event that your iPhone’s clock is rolled back, all of your “protected” images will be there for anyone who double-clicks your “locked” phone’s home button to see!

Of course, this brings up the immediate question of why anyone would roll the clock back on their phone, or how it could even be done.

After all, time always moves forward and waits for no one, right?

While that’s true, Barkah offers a few scenarios that could potentially result in time going backwards on your iPhone:

  • It could be due to user error. E.g., maybe while traveling across timezones you accidentally set the iPhone’s date or time incorrectly (rather than simply resetting the timezone). If you set the clock ahead of what it’s supposed to be, then this vulnerability will appear when you reset to the correct time. If you accidentally set the clock to the past, then your images will immediately become unprotected.

  • It could be an iPhone glitch. E.g., a software or hardware issue could reset your iPhone’s clock to epoch time — iPhone’s “zero” time at midnight January 1, 2001. In this case all your images are exposed.

  • It could be an infrastructure error. E.g., if you automatically sync from an erroneous external time source (cell phone company, etc.).

For those who want to see it for themselves, Barkah states the vulnerability is easy to test. All you have to do is set your iPhone’s clock to a time in the past (like 2010 or 2011) and access the Camera app while your phone is still locked.
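To make the weakness concrete, here is a small model of a timestamp-based filter next to a filter keyed on what the locked session itself created. It is an added illustration, not Apple's or Barkah's code: the class, the function names, the sample photos and the session-ID hardening are all assumptions made for the example.

```python
from dataclasses import dataclass, field
from datetime import datetime

# Constructed sample library: (asset id, capture time stamped from the wall clock).
LIBRARY = [
    ("IMG_0001", datetime(2011, 6, 14, 9, 30)),
    ("IMG_0002", datetime(2011, 12, 24, 18, 5)),
    ("IMG_0003", datetime(2012, 2, 1, 8, 0)),   # taken while the clock was wrongly set ahead
]
CORRECT_NOW = datetime(2012, 1, 5, 12, 0)   # clock showing the right time
ROLLED_BACK = datetime(2010, 1, 1)          # clock set to the past
EPOCH_2001 = datetime(2001, 1, 1)           # the "zero" time named in the article

@dataclass
class LockedCameraSession:
    """Hypothetical model of a Camera session opened from the lock screen."""
    library: list
    started_at: datetime                     # wall clock when the Camera app was invoked
    session_ids: set = field(default_factory=set)

    def capture(self, asset_id, wall_clock_now):
        self.library.append((asset_id, wall_clock_now))
        self.session_ids.add(asset_id)

    def visible_by_timestamp(self):
        # Weak: the wall clock, which can move backwards, is the access boundary.
        return [a for a, taken in self.library if taken >= self.started_at]

    def visible_by_session(self):
        # Hardened (assumed design): only assets this session created, no clock involved.
        return [a for a, _ in self.library if a in self.session_ids]

def demo(wall_clock_now):
    """Open a locked session at the given clock reading, take one photo, list both views."""
    session = LockedCameraSession(list(LIBRARY), wall_clock_now)
    session.capture("IMG_NEW", wall_clock_now)
    return session.visible_by_timestamp(), session.visible_by_session()

if __name__ == "__main__":
    for label, now in [("correct", CORRECT_NOW), ("rolled back", ROLLED_BACK),
                       ("epoch reset", EPOCH_2001)]:
        by_time, by_session = demo(now)
        print(f"{label:12} timestamp filter: {by_time}  session filter: {by_session}")
```

With the clock correct, the timestamp filter still shows the photo stamped while the clock ran ahead; with the clock rolled back or reset to 2001 it shows the whole library. The session-keyed filter returns only the new photo in every case.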

Although it’s unlikely that someone would be desperate enough to hijack your phone and roll the clock back just to rifle through your photo albums, it’s still something to keep in mind. This especially rings true considering iPhones tend to be popular with thieves and folks tend to take a lot of incriminating pictures with cellphones.
