iOS 4 Encryption Hacked by Russian Forensic Experts
Apple just finished answering to questioning from a senate committee hearing on mobile security regarding questionable practices of storing user location data, and now may have another security scandal on their hands. Russian forensic experts from security firm ElcomSoft told Bright side of news they have managed to hack the iOS 4 backup file encryption and built-in device data protection.
Apple originally introduced in-device encryption using a new chip in the iPhone 3GS for encrypting data on the device itself using 256-bit encryption. Elcomsoft have released a GPU-accelerated “Phone Password Breaker” tool capable of cracking password protected, encrypted backups for both Apple’s iOS devices and RIM’s Blackberry phones. Of course its advertised as a recovery tool and would probably come in handy as exactly that in the event you forget your backup password. Backups typically contain user data consiting of everything from SMS, call logs, and contacts, to web browser history, applications, and email & voicemail settings.
Fortunately, its not going to be as easy for hackers to access your backups as you might think, as the ElcomSoft software requires physical access to the device in order to crack the backups. ElcomSoft’s Vladimir Katalow explains:
"Decryption is not possible without having access to the actual device because we need to obtain the encryption keys that are stored in (or computed by) the device and are not dumped or stored during typical physical acquisition. “
ElcomSoft also distributes tool sets for decrypting the iOS 4 filesystem called Enhanced Forensic Access to iPhone/iPad/iPod/ Devices Running iOS 4. This software, however, is restricted to certain government entries such as law enforcement and intelligence agencies.
There have been a plethora of privacy and security concerns raised recently regarding many aspects of how devices such as Apple’s iPhone and Google’s Android devices handle user data. Maybe Apple and their competitors should consider getting Elcomsoft and the team behind these tools to address some of the privacy concerns associated with their mobile devices.
The BlackBerry PlayBook is RIM's answer to the tablet boom started by Apple's iPad. How does it stack up? Sean and Andy find out.
Sean goes on location to the Apple Developers Conference, while Andy stays at home and moves house.
Clickfree tries to change the face of consumer data backup
Amazon sets the wire afire, Android gives developers an Ice Cream Sandwich playbook and SanDisk backs up your Android's SD card to the cloud.
The smartphone wars just heated up with the release of Blackberry's new Torch, but can it hold a candle to Apple's popular iPhone? Andy and Sean take a look at these two next-gen smartphones in a face-off, and compare their strengths and weaknesses.