Slashdot: iPhone Root Password Hacked in Three Days

Discussion in 'iPhone' started by krimedog, Jul 3, 2007.

  1. krimedog macrumors member

    Jul 1, 2007

    "An Australian developer blog writes that the iPhone root password has already been cracked. The story outlines the procedure but doesn't give the actual password. According to the story: 'The information came from an an official Apple iPhone restore image. The archive contains two .dmg disk images: a password encrypted system image and an unencrypted user image. By delving into the unencrypted image inquisitive hackers were able to discover that all iPhones ship with predefined passwords to the accounts 'mobile' and 'root', the last of which being the name of the privileged administration account on UNIX based systems.' Though interesting, it doesn't seem as though the password is good for anything. The article theorizes it may be left over from development work, or could have been included to create a 'false trail' for hackers."

    Any thoughts?
  2. marksman macrumors 603


    Jun 4, 2007
    My first thought was how would they actually use this?
  3. appleii2mac macrumors regular

    May 23, 2007
    I wouldn't be entirely surprised if the root passwords were a false lead either.

    In fact, I suspect one of the main reasons that the iPhone lacks many "standard" features (MMS messages, disk mode, etc) is to reduce the available "surface" for the hackers to attack. As these features are stringently tested, and audited, they will be released. The iPhone will likely be the largest "target" for hackers of any phone available, for a variety of reasons.

    I suspect security updates for the iPhone may be quite common in the coming months (although I hope it's not necessary).
  4. /dev/toaster macrumors 68020


    Feb 23, 2006
    San Francisco, CA
    Uh ... gratz ... doesn't really change anything. If they find a use for it, then I might be shocked or amazed ... until then, *yawn*

Share This Page