According to researcher Bernd Marienfeldt's tests, password-protected iPhones could be fully compromised if powered off, connected to a PC running Ubuntu Linux 10.04, and then powered back on. Additional tests performed by others revealed similar vulnerabilities when connecting password-protected yet powered-off iPhones to Mac OS X and Windows machines.
Cupertino, we have a problem.
Or maybe this is more than a problem. Maybe it's a disaster in the making. Among techies, few are as paranoid as corporate Chief Information Officers charged with safeguarding company data. That's as it should be. Breaches can lead to very expensive lawsuits and other headaches. So long as employee iPhones represent a lawsuit waiting to happen, CIOs will bar them from use while favoring staid yet more established mobile OSes, such as Research In Motion's (Nasdaq: RIMM ) BlackBerry and Nokia's (NYSE: NOK ) Symbian. They might even try Android.
Apple (Nasdaq: AAPL ) had yet to respond to Marienfeld's findings as of this writing. Even so, it's likely the forthcoming 4.0 version of the iPhone OS will fix known flaws and force hackers to find other ways into the iPhone. Given the ease with which 3Gs code was cracked, I expect they will.
And that's troubling to me as an investor. The iPhone and iPad share much at the operating system layer, and these are Apple's two greatest potential earnings drivers; devices that Dell (Nasdaq: DELL ) and Hewlett-Packard (NYSE: HPQ ) are emulating in their own designs. As iToys-cum-tools, they are as likely to be bought by companies as they are consumers.
But only if all the security holes are filled. Hurry up, Apple.
Have security issues with the iPhone kept you from buying one? Are you planning on buying a new one when iPhone 4 is released next week? Tell us what you think in the comments box below.