iPhone Hackers Say Apple Weakened Backup Security With iOS 10
Professional iPhone hackers say that Apple AAPL -1.72% has dropped the ball on password security with its latest iPhone operating system, making the task of cracking the logins for backups stored on a Mac or PC considerably easier.
The claim comes from Elcomsoft, a well-known Russian forensics company, whose kit was thought to have been used by hackers who exposed celebrities’ nude pictures in 2014. Like market leader Cellebrite, it makes its money selling kit that can break into iPhones for the purpose of rooting around a target’s device. As soon as iOS 10 was out, the company started probing its security, and found Apple was using a weaker password protection mechanism for manual backups via iTunes than it had done previously.
Thanks to Apple’s mistake, Elcomsoft said it could potentially guess backup passwords 40 times faster using CPU acceleration when compared to the speedier GPU-powered cracking in iOS 9. When using the same Intel INTC -0.96% i5 CPU for cracking efforts, it was an astonishing 2500 times faster, with 6 million password guesses per second compared to just 2,400. The company thinks it has an 80 to 90 per cent chance of successfully getting the right password with its tools, which can be bought by anyone, not just the cops.
“We discovered an alternative password verification mechanism added to iOS 10 backups. We looked into it and found out that the new mechanism skips certain security checks, allowing us to try passwords approximately 2500 times faster compared to the old mechanism used in iOS 9 and older,” Elcomsoft’s Oleg Afonin wrote in a blog post today.
What’s the weakness?
Indeed, the more secure version of storing passwords goes back to iOS 4, according to Elcomsoft CEO Vladimir Katalov.
So what exactly has Apple done? As password security expert Per Thorsheim noted in a blog on Peerlyst, Apple used a weaker hashing algorithm for local backups of iPhone files stored on PCs. Such algorithms turn a plaintext password into a “hash” — a string of numbers and letters. Password crackers attempt to guess the output, or hash, of the algorithm and match it with plaintext; so, the more complex the algorithm and the more complex the password, the harder it is to find a match.
In iOS 9 and prior versions back to iOS 4, Apple used what’s known as a PBKDF2 algorithm and had the password run through it 10,000 times , so a hacker would have to run their plaintext guess through the algorithm 10,000 times too and repeat the process until a match was found. In the iOS 10 alternative version, a different algorithm known as SHA256 was used but with just one iteration. A hacker therefore only need try a single password once and repeat to find a match and crack the login, making the whole process considerably less time consuming.
“It’s not a good choose of algorithm,” Thorsheim told FORBES. He noted that Apple’s decision appears even more bizarre as the more secure password protection system remains in place alongside the new one; there are two password hashes a hacker can try to crack, one weaker than the other. He added that Apple might win the “stupidity award of the year” for taking such “a big leap back in security.” Katalov noted that even where stronger logins have been set up by the user, “even eight-character passwords are unsecure.”
Katalov said the company would have to update both iOS and iTunes, with “some significant changes in backup format.”
Apple confirmed it was looking into the issue. “We’re aware of an issue that affects the encryption strength for backups of devices on iOS 10 when backing up to iTunes on the Mac or PC. We are addressing this issue in an upcoming security update. This does not affect iCloud backups,” a spokesperson said. “We recommend users ensure their Mac or PC are protected with strong passwords and can only be accessed by authorized users. Additional security is also available with FileVault whole disk encryption.”
Attack limitations
There’s one obvious limitation to any attack: the vulnerability is specific to password-protected local backups on iOS 10. That would mean a hacker would have to get access to the computer where the iPhone files were stored, and hope the user had turned on local backups in the first place rather than simply use iCloud like most do by default. They could get on the linked computer either by physically extracting the data or by compromising the machine in some other manner, such as a remote hack.
But there’s one trick hackers could use if they have physical access to a phone and the laptop. Elcomsoft said it was possible to force a phone into creating a backup on the phone and it may be possible “to produce a local backup even if the phone is locked by using a pairing record extracted from a trusted computer.”
Anyone with that level of access may well have the ability to take almost anything they wanted from a target’s iPhone. “If you are able to break the password, you’ll be able to decrypt the entire content of the backup including the keychain,” Afonin said.
Katalov told FORBES: “A backup contains almost an exact copy of the device – address book, messages, call log, media files and much more, including saved passwords and authentication tokens to mail, social network accounts.”
Elcomsoft isn’t the first to have found weaknesses in the latest iPhones. Just earlier this week, the first jailbreak for the iPhone 7 was uncovered by 19-year-old Luca Todesco, who goes by the pseudonym qwertyoruiop. Jailbreaks, which remove Apple’s controls over what software can run on the phone, require low-level exploits of iOS vulnerabilities. Todesco is yet to reveal how he managed to jailbreak his device, however.
Just last month, researchers found Israeli firm NSO malware targeted at a UAE-based activist’s iPhone. It was able to get on iPhones in the first place because of three vulnerabilities on the device, which was running iOS 9.
This article was updated at 5.35pm ET to include Apple’s statement that it was planning to address the weakness.
Tips and comments are welcome at TFox-Brewster@forbes.com or tbthomasbrewster@gmail.com for PGP mail. Get me on Twitter @iblametom and tfoxbrewster@jabber.hot-chilli.net for Jabber encrypted chat.
Apple iOS 10.0.2: Should You Upgrade?
Here we go again. Just nine days after the release iOS 10, Apple AAPL -1.72% has released iOS 10.0.2, its second full release (while photo enhancing iOS 10.1
is already in public beta). Like iOS 10.0.1 there was no developer or
public beta testing beforehand, so should you install this mysterious
update?
Who Is iOS 10.0.2 For?
iOS 10.0.2 continues to trend of all Apple iOS 10 releases: it is designed for the iPhone 5 or later, iPad 2 or later, iPad mini 2 or later, iPad Pro range and the 6th generation iPod touch or later. Upgrade prompts will be received automatically, but if you don’t get one or want to trigger it manually go to Settings > General > Software Update
As always, the size of iOS updates differs depending on your device, and iOS 10.0.2 is coming in at between 40MB and 120MB with the larger file sizes for the iPhone 7 and iPhone 7 Plus.
The Deal Breakers
Less a deal breaker, than a standard warning these days. In the past Apple didn’t always seal jailbreaks with each release, but now the company is being far more proactive and iOS 10.0.2 will again break any Pangu or TaiG jailbreak you are running.
Personally I struggle to now see a time when either of these jailbreaking teams will be able to make significant inroads again with Apple gunning so strongly for them.
Elsewhere the ever vigilant Apple Support Communities has a few isolated 10.0.2 issues increased data usage, alarm clock issues and missing contacts.
But, as with complaints regarding iOS 10.0.1, these are again all
isolated incidents so far and have not escalated. As always, should this
change expect an update.
So What Do You Get?
Unlike the monstrous iOS 10 update (and its mass of secret features), iOS 10.0.2 is primarily a bug fix with its main focus being a patch for the iPhone 7 audio bug Apple recently confirmed:
While the audio fix is very timely
(complaints only surfaced three days ago), it does illustrate a less
discussed downside to Apple’s decision to remove the headphone jack.
Unlike the 3.5mm jack, the heavily marketed Lightning port is all
digital which means it relies on software to operate. So this gives
Apple an additional aspect to test with every future iOS update.
Hopefully this initial rude awakening is the only reminder it needs.
Just like the audio bug, Apple has also been very quick to stamp down the two other problems iOS 10.0.2 promises to fix. So quick in fact that I haven’t seen either reported as a problem by users on any of the major forums. If Apple is going to be this sharp with its releasing going forward, then it has levelled up considerably since the troubles of both iOS 8 and iOS 9.
Apple iOS 10.0.2 Install Verdict: No Rush, Except For iPhone 7 Owners
With any luck iOS 10.0.2 will continue what has so far proved to be an extremely smooth start for iOS 10. And iPhone 7 owners hit by the Lightning audio bug would be well advised to install it immediately.
For others, however, there is no need to rush. iOS 10.0.2 brings no major new features and no high profile security updates. It is Apple taking care of its new iPhones and throwing in a bit of minor housekeeping at the same time. As such it is worth taking the weekend to be sure that no nasty surprises are discovered.
The Road Ahead
Given the speed with which Apple is updating iOS 10, it wouldn’t surprise me to see iOS 10.0.3 before the final version of iOS 10.1 is released in 4-6 weeks time.
iOS 10.1 brings a new Portrait mode to the iPhone 7 Plus which capitalises on the phone’s dual camera to intelligently add bokeh (blur) to the background. This helps portraits pop and simulates the effect you get from a premium SLR camera. As the first major ‘point release’ it should also come packing some new features, though exactly what is unknown at this stage.
visit crazetech1.blogspot.com for more info......
Who Is iOS 10.0.2 For?
iOS 10.0.2 continues to trend of all Apple iOS 10 releases: it is designed for the iPhone 5 or later, iPad 2 or later, iPad mini 2 or later, iPad Pro range and the 6th generation iPod touch or later. Upgrade prompts will be received automatically, but if you don’t get one or want to trigger it manually go to Settings > General > Software Update
As always, the size of iOS updates differs depending on your device, and iOS 10.0.2 is coming in at between 40MB and 120MB with the larger file sizes for the iPhone 7 and iPhone 7 Plus.
The Deal Breakers
Less a deal breaker, than a standard warning these days. In the past Apple didn’t always seal jailbreaks with each release, but now the company is being far more proactive and iOS 10.0.2 will again break any Pangu or TaiG jailbreak you are running.
Personally I struggle to now see a time when either of these jailbreaking teams will be able to make significant inroads again with Apple gunning so strongly for them.
Here we go again. Just nine days after the release iOS 10, Apple AAPL -1.72% has released iOS 10.0.2, its second full release (while photo enhancing iOS 10.1
is already in public beta). Like iOS 10.0.1 there was no developer or
public beta testing beforehand, so should you install this mysterious
update?
Who Is iOS 10.0.2 For?
iOS 10.0.2 continues to trend of all Apple iOS 10 releases: it is designed for the iPhone 5 or later, iPad 2 or later, iPad mini 2 or later, iPad Pro range and the 6th generation iPod touch or later. Upgrade prompts will be received automatically, but if you don’t get one or want to trigger it manually go to Settings > General > Software Update
As always, the size of iOS updates differs depending on your device, and iOS 10.0.2 is coming in at between 40MB and 120MB with the larger file sizes for the iPhone 7 and iPhone 7 Plus.
The Deal Breakers
Less a deal breaker, than a standard warning these days. In the past Apple didn’t always seal jailbreaks with each release, but now the company is being far more proactive and iOS 10.0.2 will again break any Pangu or TaiG jailbreak you are running.
Personally I struggle to now see a time when either of these jailbreaking teams will be able to make significant inroads again with Apple gunning so strongly for them.
Who Is iOS 10.0.2 For?
iOS 10.0.2 continues to trend of all Apple iOS 10 releases: it is designed for the iPhone 5 or later, iPad 2 or later, iPad mini 2 or later, iPad Pro range and the 6th generation iPod touch or later. Upgrade prompts will be received automatically, but if you don’t get one or want to trigger it manually go to Settings > General > Software Update
As always, the size of iOS updates differs depending on your device, and iOS 10.0.2 is coming in at between 40MB and 120MB with the larger file sizes for the iPhone 7 and iPhone 7 Plus.
Apple iOS 10.0.2 update. Image credit: Apple
Less a deal breaker, than a standard warning these days. In the past Apple didn’t always seal jailbreaks with each release, but now the company is being far more proactive and iOS 10.0.2 will again break any Pangu or TaiG jailbreak you are running.
Personally I struggle to now see a time when either of these jailbreaking teams will be able to make significant inroads again with Apple gunning so strongly for them.
Recommended by Forbes
So What Do You Get?
Unlike the monstrous iOS 10 update (and its mass of secret features), iOS 10.0.2 is primarily a bug fix with its main focus being a patch for the iPhone 7 audio bug Apple recently confirmed:
- Addresses an issue that could prevent headphone audio controls from temporarily not working
- Resolves an issue that caused Photos to quit for some users when turning on iCloud Photo Library
- Fixes an issue that prevented enabling some app extensions
The iPhone 7 and iPhone 7 Plus all digital Lightning connector means audio output is now software dependent. Image credit: Apple
Just like the audio bug, Apple has also been very quick to stamp down the two other problems iOS 10.0.2 promises to fix. So quick in fact that I haven’t seen either reported as a problem by users on any of the major forums. If Apple is going to be this sharp with its releasing going forward, then it has levelled up considerably since the troubles of both iOS 8 and iOS 9.
Apple iOS 10.0.2 Install Verdict: No Rush, Except For iPhone 7 Owners
With any luck iOS 10.0.2 will continue what has so far proved to be an extremely smooth start for iOS 10. And iPhone 7 owners hit by the Lightning audio bug would be well advised to install it immediately.
For others, however, there is no need to rush. iOS 10.0.2 brings no major new features and no high profile security updates. It is Apple taking care of its new iPhones and throwing in a bit of minor housekeeping at the same time. As such it is worth taking the weekend to be sure that no nasty surprises are discovered.
The Road Ahead
Given the speed with which Apple is updating iOS 10, it wouldn’t surprise me to see iOS 10.0.3 before the final version of iOS 10.1 is released in 4-6 weeks time.
iOS 10.1 brings a new Portrait mode to the iPhone 7 Plus which capitalises on the phone’s dual camera to intelligently add bokeh (blur) to the background. This helps portraits pop and simulates the effect you get from a premium SLR camera. As the first major ‘point release’ it should also come packing some new features, though exactly what is unknown at this stage.
visit crazetech1.blogspot.com for more info......
0 comments:
Post a Comment