According to Apple, all data on the iPhone 3GS is hardware-encrypted using 256-bit AES, which cannot be disabled by the user. Access to data on the iPhone is normally restricted to computers with which the iPhone has previously been connected and to which the requisite credentials have previously been transferred. This exchange of credentials is blocked when the iPhone is locked, so that connecting a locked iPhone to an unfamiliar computer will not allow the latter access to data on the iPhone.
However, Bernd Marienfeldt, security officer at UK internet node LINX, found that he was able to gain unfettered access to his iPhone 3GS from Ubuntu 10.04. If he connected the device whilst it was turned off and then turned it on, Ubuntu auto-mounted the file system and was able to access several folders despite never having previously been connected to the iPhone. [...] An Ubuntu system which had never before communicated with the iPhone immediately displayed a range of folders. Their contents included the unencrypted images, MP3s and audio recordings stored on the device.
