Apple iPhone

ENISA smartphone cyber security report

ENISA, the European Network and Information Security Agency [1], released their latest EU’s cyber-security agency report which highlights risks, opportunities and recommendations for users of smartphones.

I am glad that part of my work towards more secure smartphones was mentioned and referenced in this latest update.

Given the growing importance of smartphones for EU businesses, governments and citizens, we consider it essential to assess their security and privacy implications.

says Prof. Dr.Udo Helmbrecht, Executive Director of ENISA.

Smartphones are a goldmine of sensitive and personal information – it’s vital to understand how to maintain our control over this data. We’ve designed our recommendations to plug into a typical security policy

says Dr. Giles Hogben, co-author of the report.

The full story


[1] or

Apple iPhone

Making phone calls with locked iOS 4.1

I came an article across which describes how to make a phone call from a locked iPhone with iOS 4.1. The web link refers to a Mac Forum where a member explains how to produce the hack:

When you iPhone is locked with a passcode tap Emergency Call, then enter a non-emergency number such as ###. Next tap the call button and immediately hit the lock button. It should open up the Phone app where you can see all your contacts, call any number, etc.

I tried it out and it doesn’t work for me on iPhone 3GS (Model MC 132B) with iPhone 4.1 (8B117).(* see update)

The person who discovered the flaw mentioned that he used a jailbroken phone but some people claimed that they could reproduce it on non jailbroken versions.

I am now wondering if the flaw depends on specific hardware parameters(* see update ) like processor speed etc. and it currently can only be practised on the more powerfull iPhone 4.

*Update: Confirmed to be working on iPhone 3GS with iOS 4.0 (8A293) (model MC131B) and if you are quick enough it also works on iPhone 3GS (Model MC 132B) with iPhone 4.1 (8B117).

Apple iPhone

Apple iOS4 iPhone update

Apple says U  p  d  a  t  i  n  g   i s   e  a  s  y. But if you care about security it’s not:

I strongly recommend following update procedure for iOS4:

Upgrading your iPhone to the latest version is the normal procedure, however if you read the installation notes during the software update very carefully you will note as mentioned:

Apple: * Better data protection using the device passcode as an encryption key* (Requires full restore)

What this means is that unless you go through the Full Restore process you will not gain any data protection improvement promised by Apple.

iOS4 Update flowchart

1.) Make sure your PC system is connected to a reliable power source.

2.) Get iTunes up to date, use the built in update function (Help -> Check for Updates)

3.) Make a backup of your iPhone data: Connect your iPhone to the computer system and open iTunes. Under ‘Devices’ on the left hand side of the window, right-click on the name you assigned your iPhone and first select ‘Sync’. Once this has been completed follow the same procedure, only this time select ‘Back Up’. Again, once this is finished right click on your iPhone and finally select ‘Transfer Purchases’. Once this has been done your iPhone would be fully backed up onto iTunes locally.

4.) iPhone iOS4 installation Phase 1:

Once you have fully backed up your iPhone go onto ‘Summary’ and select ‘Check for Updates’. The option to update to the latest version (4.0) will appear, select the update option and leave the iPhone to run its system update. The iPhone will require restarting.

Apple iOS 4 update is disabling your security settings: After the update Apple iOS4 leaves you with no passcode protection and “Erase Data” feature disabled even when you have set this up before the update.

After the iOS4 update make sure under Settings – General – Passcode Lock On:

– Require Passcode is set to “Immediately”

– Simple Passcode is set to “OFF” , I recommend at least 6 characters (numbers and or letters with at least one special character included). This is very important as the passcode will be used to generate your encryption key during the full restore procedure .

– Erase Data is set to “ON”

5.) iPhone iOS4 installation Phase 2:

Note: If a Backup is available you should not lose any data at all.

Once the iPhone has completed its updates, select ‘Restore’ in the ‘Summary’ section of iTunes. If you have already backed up your iPhone with all the latest changes you’ve made to it (New songs, pictures etc) you won’t need to update the iPhone again, just allow it to run its System Restore, this will reset the iPhone back to its factory settings. Once the process is completed the device will restart and the Apple logo will appear on the screen. After the restore, the iPhone displays the “Connect to iTunes” screen. Keep your device connected until the “Connect to iTunes” screen goes away or you see “iPhone is activated.” If iTunes does not have an Internet connection, you cannot complete this step.

Finally, to restore your device from the previous backup you should be able to see a set of options in iTunes, stating that “An iPhone has been previously synced with this computer” with a list of synced devices, select the backup from which you want to restore your settings and select the continue button to complete the devices restoration.

Thank You


Apple iOS4 Software Update Release Notes:

iOS 4 Software Update

This update contains over 100 new features, including the following:

* Multitasking support for third-party apps*
– Multitasking user interface to quickly move between
– Support for audio apps to play in the background
– VoIP apps can receive and maintain calls in the
background or when device is asleep
– Apps can monitor location and take action while
running in the background
– Alerts and messages can be pushed to apps using
push and local notifications
– Apps can complete tasks in the background
* Folders to better organise and access apps
* Home screen Wallpaper*
* Mail improvements
– Unified inbox to view emails from all accounts in one
– Fast inbox switching to quickly switch between
different email accounts
– Threaded messages to view multiple emails from the
same conversation
– Attachments can be opened with compatible third-
party apps
– Search results can now be filed or deleted
– Option to select size of photo attachments
– Messages in the outbox can be edited or deleted
* Support for iBooks and iBookstore (available from the
App Store)
* Photo and Camera improvements
– 5x digital zoom when taking a photo**
– Tap to focus during video recording**
– Ability to sync Faces from iPhoto
– Geo-tagged photos appear on a map in Photos
* Ability to create and edit playlists on device
* Calendar invitations can be sent and accepted wirelessly
with supported CalDAV servers
* Support for MobileMe calendar sharing
* Suggestions and recent searches appear during a web
* Searchable SMS/MMS messages**
* Spotlight search can be continued on web and Wikipedia
* Enhanced location privacy
– New Location Services icon in the status bar
– Indication of which apps have requested your location
in the last 24 hours
– Location Services can be toggled on or off for
individual apps
* Automatic spellcheck
* Support for Bluetooth keyboards*
* iPod out to navigate music, podcasts and audiobooks
through an iPod interface with compatible cars
* Support for iTunes gifting of apps
* Wireless notes syncing with IMAP-based mail accounts
* Persistent Wi-Fi connection to receive push notifications*
* New setting for turning on/off mobile (cellular) data only**
* Option to display the character count while composing
new SMS/MMS**
* Visual Voicemail messages can be kept locally even if
they have been deleted from the server**
* Control to lock portrait orientation*
* Audio playback controls for iPod and third-party audio
* New languages, dictionaries and keyboards
* Accessibility enhancements*
* Bluetooth improvements
* Better data protection using the device passcode as an
encryption key* (Requires full restore.)
* Support for third-party Mobile Device Management
* Enables wireless distribution of enterprise applications
* Exchange Server 2010 compatibility
* Support for multiple Exchange ActiveSync accounts
* Support for Juniper Junos Pulse and Cisco AnyConnect
SSL VPN apps (available from the App Store)
* More than 1,500 new developer APIs
* Bug fixes

Products compatible with this software update:
* iPhone 3G
* iPhone 3GS
* iPhone 4
* iPod touch 2nd generation
* iPod touch 3rd generation (late 2009 models with 32GB
or 64GB)

* Requires iPhone 3GS, iPhone 4 or iPod touch 3rd generation.
** Requires iPhone 3G, iPhone 3GS or iPhone 4. SMS/MMS messaging and Visual Voicemail require support from your wireless carrier.

For feature descriptions and complete instructions, see the user guides for iPhone and iPod touch at:

For more information about iPhone and iPod touch, go to:

To troubleshoot your iPhone or iPod touch, or to view additional support information go to:

For information on the security content of this update, please visit this website: