A state-sponsored German institute, Fraunhofer SIT, says it has identified a vulnerability in iOS devices which allows passwords to be stolen in as little as six minutes. Although a device must first be jailbroken and an SSH connection established, pulling passwords is otherwise said to require just a special Keychain access script, which exploits iOS functions to output any account data. Enabling a passcode on the OS fails to offer any protection.
