[Owasp-leaders] Keychain IOS
alaa.mubaied at owasp.org
Sun Feb 3 13:45:15 UTC 2013
On Fri, Feb 1, 2013 at 4:24 PM, Jason Johnson <jason.johnson at p7n.net> wrote:
> I love to see this information pass by the leaders list. My company is
> discussing BYOD and the risk analysis that will bring to the table.
> Keep the mail coming I say.
> Abbas Naderi <abbas.naderi at owasp.org> wrote:
> >Hi Ala'a,
> >1. It uses FIPS approved methods, for details you should refer to the
> appropriate mailing list.
> >2. Default root password for jailbreaks is "alpine". they use that to
> query the keychain. without that you can't decrypt the data as it requires
> root privileges.
> >3. nop, but there's still keychain.
> >On ۱۲ بهمن ۱۳۹۱, at ۱۴:۰۱, "Ala'a Mubaied" <alaa.mubaied at owasp.org>
> >> Hello Everyone,
> >> regarding the keychain service in IOS, i have a couple of questions
> >> 1. what is the encryption method used to encrypt data in keychain ?
> >> 2. in jailbroken phones, if you look into this video, they use
> keychain_dumper which dumps all the secrets from the keychain, my question,
> does that mean keychain_dumper decrypt the information from the keychain
> and how it reads the decryption keys ?
> >> 3. does keychain_dumper works ok for un-jailbroken iphones ?
> >> Thanks
> >> Ala'a
> >> _______________________________________________
> >> OWASP-Leaders mailing list
> >> OWASP-Leaders at lists.owasp.org
> >> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> >OWASP-Leaders mailing list
> >OWASP-Leaders at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders