News spread yesterday after Bernd Marienfeldt discovered a security issue with passcode enabled iPhone devices still being accessible using a stock Ubuntu 10.04 system and now reaching major sites on the Internet.
Since those reports appear to point out that Ubuntu/Linux is “teh evil”, I’ll try to explain why this is totally false information and FUD.
The basic workflow he pointed out was:
- Set a passcode on a device
- Switch off the device
- Attach it to an Ubuntu system it was never attached before
- The device starts booting
- Ubuntu automounts the device media partition and allows access
The expected behavior is that the device would refuse to pair with the unknown system due to having a passcode set.
Now the problem here is that you can replicate this flaw with any operating system.