[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] iPhone data protection flaw

To: Gregor Schneider <rc46fi@xxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] iPhone data protection flaw
From: Michael Holstein <michael.holstein@xxxxxxxxxxx>
Date: Tue, 18 May 2010 12:31:25 -0400

> AFAIK the USB-protocol does not contain any authorization /
> authentication-mechanism:

USB just defines the signaling protocol and interface.

After that, you can make the target device to whatever you want with the
corresponding driver on the host side. Take a look at any Sansa MP3
player .. you can tell it to act as "USB Mass Storage" or act as a "MTP
device". The latter requires a certificate to communicate with it.

Cheers,

Michael Holstein
Cleveland State University

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] iPhone data protection flaw
  - From: Bernd Marienfeldt
- Re: [Full-disclosure] iPhone data protection flaw
  - From: Gregor Schneider
- Re: [Full-disclosure] iPhone data protection flaw
  - From: Valdis . Kletnieks
- Re: [Full-disclosure] iPhone data protection flaw
  - From: Gregor Schneider

Prev by Date: [Full-disclosure] [ MDVSA-2010:098 ] kdenetwork4
Next by Date: Re: [Full-disclosure] Windows' future (reprise)
Previous by thread: Re: [Full-disclosure] iPhone data protection flaw
Next by thread: Re: [Full-disclosure] iPhone data protection flaw
Index(es):
- Date
- Thread