The new “wipe” feature in the iPhone 3.0 operating system is one of the most interesting of the additions that came with that new firmware, but apparently it has problems.

One of the big complaints about the iPhone in corporate environments has been that it is not sufficiently secure. One of the biggest Apple responses to that claim has been the “wipe” feature introduced with the new OS 3.0 release last month. Not much has been written about the feature yes, but there is now a fair amount of information on its practicality in a new Macworld article.

It seems that the wipe feature is interesting in a number of ways. First, it works differently, or at least at different speeds, on different models of the iPhone. Second, it seems that it is possible to keep it from working from the cell phone end of the process, which would make the feature appear to be less secure than intended. Plus, there are some basic security holes that remain unfilled.

First, the issue of the time it takes to complete the wipe process. When sent to a new iPhone 3GS, the entire phone can be wiped clear in a minute, or maybe less. However, when the wipe command is sent to an older phone, such as the iPhone 3G, that same data wipe can take up to two hours, at an apparent rate of about 8 GB per hour. This is due to the new on-the-fly encryption process of the new 3GS phone, and the speed it lends to the process. That is a large difference in wipe times, and it apparently it is time itself that the enterprising thief can use to his or her advantage.

If the iPhone is forced to reboot (by holding down the Home and Sleep/Wake buttons) immediately after the command to wipe was sent, when the phone is rebooted, all of the data is still there; it will not have been wiped. However, if one waits a little longer, apparently just a few seconds longer, then the wipe has time to run long enough to get far enough into the process that a reboot is not possible; it just continues whenever the phone is turned on. Of course, this would be difficult to test with all phones and all reboot time intervals, but it is still a problem.

Plus, the phone needs to be connected to the internet for the process to work, so the simple expedient of removing the sim card, or blocking cell and Wi-Fi connection electronically, would still get a savvy thief all the time they need to get to the data that is actually contained on the phone. The same would be possible if the phone was not using a password. Simply disable Wi-Fi, and the wipe command would not be received.

In the end, the new wipe command is better than nothing, but it is surely not a guarantee that data on the phone could not be stolen. A wise thief, especially one that is after the data on the phone, has a number of options to get at that data without being interrupted by the wipe process. Perhaps some improvements are in order…

Related:

Entry was posted on Wednesday, July 15th, 2009 at 4:59 pm under Hacks, Internet, iPhone.  Print This Post

Read more entries by Michael W. Jones.
Stumble It!