Security and IT blogger Bernd Marienfeldt has discovered a “data protection vulnerability” in Apple’s iPhone 3GS.
According to PCWorld.com, the vulnerability occurs when an up-to-date, non jail-broken, PIN-protected iPhone (powered off) is plugged into a computer running Ubuntu Lucid Lynx. This will allow a hacker to see practically all of the user’s data and leaves no trace of the hack.
iPhone security really only applies with having a sensible trust in Apple’s business model, being the gatekeeper for your own security needs, and when the user’s attitude takes into account that the iPhones Hard Disk encryption and Authentication model is useless toward storage protection.
Apple has been notified about the flaw, but has not corrected it.