Elcomsoft noted that trying to break into the physical phone or into iCloud has gotten incredibly difficult, but accessing a backup stored on a computer allows for some access. The weakness of the iTunes backups appears to be a weak link in security for the iPhone - but only for iOS 10 users. If an attacker managed to get one of those backup files without the associated password, Elcomsoft’s new attack would allow it to crack the encryption "approximately 2500 times faster compared to the old mechanism used in iOS 9 and older." Where the company could process 2,400 passwords per second under iOS 9, it can run 6 million passwords per second in iOS 10. The attack targets password-protected backups made by iOS 10. It found that backups saved after a user updates to iOS 10 uses a new "password verification mechanism" that skips several security checks, according to a blog post. According to Forbes, Apple’s latest iOS release seems to have accidentally weakened the iPhone’s security, potentially allowing unauthorized access to localized backups.Įlcomsoft, a Russian firm that has created tools to break into iPhones, discovered the vulnerability as it worked to update its phone breaker tool.
0 Comments
Leave a Reply. |