Doing Business | IT & Technologies

September 26, 2016

New iOS 10 security flaw makes it easier to crack iPhone backups

According to Forbes, Apple’s latest iOS release seems to have accidentally weakened the iPhone’s security, potentially allowing unauthorized access to localized backups.
New iOS 10

New iOS 10

Elcomsoft, a Russian firm that has created tools to break into iPhones, discovered the vulnerability as it worked to update its phone breaker tool. It found that backups saved after a user updates to iOS 10 uses a new "password verification mechanism" that skips several security checks, according to a blog post.

The attack targets password-protected backups made by iOS 10. If an attacker managed to get one of those backup files without the associated password, Elcomsoft’s new attack would allow it to crack the encryption "approximately 2500 times faster compared to the old mechanism used in iOS 9 and older." Where the company could process 2,400 passwords per second under iOS 9, it can run 6 million passwords per second in iOS 10.

The weakness of the iTunes backups appears to be a weak link in security for the iPhone — but only for iOS 10 users. Elcomsoft noted that trying to break into the physical phone or into iCloud has gotten incredibly difficult, but accessing a backup stored on a computer allows for some access. "Forcing an iPhone or iPad to produce an offline backup and analyzing resulting data is one of the very few acquisition options available for devices running iOS 10."

According to a statement provided to Forbes, Apple is aware of the issue and is working to correct it:

"We're aware of an issue that affects the encryption strength for backups of devices on iOS 10 when backing up to iTunes on the Mac or PC. We are addressing this issue in an upcoming security update. This does not affect iCloud backups," a spokesperson said. "We recommend users ensure their Mac or PC are protected with strong passwords and can only be accessed by authorized users. Additional security is also available with FileVault whole disk encryption."

In the meantime, it might be best to wait for an updated version of iOS before you back your phone up.

 

Text by The Verge
 

Tags Cloud

20102011accaaccidentaccidentsADSUadvertisingafghanistanAfrAsiaafricaagalegaagreementagricultureagroAHRIMAIairair asiaair australAir Franceair madagascarair mauritiusairasiaAirlinesairportairway coffeeAlbionalgeriaalibabaalteoAlvaro SobrinhoamazonAmeenah Gurib-FakimAMLandroidangolaApollo Bramwellappappleappointmentsappsaquaculturearab townarrestasiaATMATOauditaudit reportaustraliaaustriaaviationawardawardsAxcel ChenneyBABagatelleBagatelle DamBAIBangladeshbankBank OnebankingbanksBar CouncilbarclaysBDObeachbeachesBeau Bassin-Rose HillbeautybeerBelgiumBelle-MareBelle-RiveBet365betamaxbettingBharat Telecombig databitcoinblue economyBlue-BayBOIboko haramBollywoodBOMbombingbookbookmakerbossBotswanabpmlBPOBramer BankbrazilbrexitBritish AirwaysbudgetbuildingbusesBusinessbusiness trendsCabinetcall centresCanadacanecareercareer tipscargocarnivalcasinoCCIDCCMCCTVCEBcelebretiescelebritiescementChagoscharityCharlie HebdoCHCchilechinachromeCIELcigarettesCim FinancecinemaclashesCMTcomoroscompetitionconcertconferenceCongoconstitutional amendmentconstructioncontestcontestscontractcooperationcorruptioncounterfeitcoupCourtCourtsCPBCPEcreativitycreditscrisiscruise shipsCSOCT PowerCultureCurepipecustomercustomerscustomsCVCWAcyclingcyclonedamDawood RawatdayDBMdeficitdenguedeportationdevelopmentDiego GarciadivalidoctorsdodoDomaine les PaillesDonald TrumpDPPdrug traffickingdrugsDTAADubaiDuty Freee-commercee-servicesearthquakeebeneebolaecoecologyeconomicEconomic Development BoardeconomicseconomyEducationeducation abroadeducation reformEEZEgyptEIILMelectionelectionselectoral reformelectricityelon muskembassyEmiratesemirates airlinesEmtelenergyENLentrepreneurshipEnvironmentEOCEUEuroEuropeeventeventsexamexaminationexamsexpoexportfacebookfairFalcqfarmersfarmingfashionfast foodfbiFDIfeefeesferryfestivalFievre AphteuseFIFAFIFA World CupFilm Rebate SchemefilmingfilmsfinancefinancesfinancingFirefishfishingFIUFlacqFlic-en-FlacFloodsflourfonction publiquefoodFootballforecastforeign workersForumFrancefraudfruitfruitsFSCFTAfuelfunnyGAARgabongadgetsgalaxygalaxy notegamblinggame of thronesgamesgasgazaGDPGermanyghanaGlobal BusinessgolfGoodlandsgoogleGorah Issac casegovernmentGRAGrand Baygrand-baiegreecegreengreen energygrippeGTUH1N1hackershajjhamashappinessHawaiihawkershealthhealthcareHeritage Cityhi-techhighlandshistoryHolcimholidaysHong Konghorse raceshorse racingHospitalhotelhotel businesshotelshowhow toHRHRDCHSBCHSCHSC ProhtchungaryhuntingHusein Abdool RahimIBAIBLICACICTICTAID cardiframacillegal fishingillegal migrationillegal workersIMFimportindiaIndian OceanIndian Ocean Island GamesIndonesiainflationinfluenzaInfographicsinfrastructureinnovationinnovationsinsuranceinterest rateinternetinterpolInterviewinterview tipsinvestinginvestmentinvestmentsIOCIORECiosiPadiphoneIPOiraniraqirelandIRSISISislamicisraelITItalyjapanJean-Claude Bastos de MoraisJellyfishJewelleryJin FeijobjobsjockeyjournalismJulian AssangeKailash TrilochunKenyakitesurfingKPMGkreolla buttelabourLafargelandlandslideLarsen & ToubrolawlawslayoffsLe MorneleadershipleakLepeplexpressliberiaLibyalifeloanloanslocal governmentlogisticslondonlotteryLottotechLRTLufthansalycheeMadagascarmade in morisMahebourgmalariamalaysiamalaysia airlinesMaldivesMalimallmanagementmanagement tipsmanufacturingmarketmarketingmarketsMauBankMauritiansmauritiusMBCMCBMCCIMDFPMeatmeccamediaMedical CouncilMedical tourismmedicamentsmedicineMedineMedPointmeetingMEFMegh PillayMESMeteoMetro ExpressMEXAmexicoMFAMGIMHCmichaela harte caseMicrosoftMIDMidlandsMIEmigrationmigration crisisminimum salaryminimum wagemiss mauritiusmistakesMITDmlMMMmobilemobile phonesMokamoneymoney launderingmonkeyMont-ChoisyMoody’sMoroccomotivationmoviesMozambiqueMPAMPCMPCBMPLMQAMRAMSBMSCMSMMTMTCMTPAMusicMV BenitaNad SivaramenNaïadeNamibiaNandanee SoornackNarendra ModinasanatureNavin RamgoolamNavind KistnahNCBNCGNDUNECnefNegative Income TaxNelson MandelaNeotownNepalnetherlandsnetworkingNew Mauritius Hotelsnew zealandNGONHDCNICNICHLNigerianight clubsNitin Chinien caseNobel Prizenokianorth koreaNRBNTANTCNWCCoceanocean economyofofficialsoffshoreoilOlympic GamesOmega ArkOmnicaneoniononlineopinionOppositionorangeoscaroscar pistoriusOUMoutsourcingPakistanpalestinePamplemoussesPanama Paperspandit sungkurParadise PapersparliamentPaul Bérengerpensionpensionspeoplepermis de travailPhilippinesPhoenix Beveragesphonespicture of the daypillspiracyplageplagueplanPlanet Earth InstitutePMPMEPMOpmsdPNQpokerpolicepoliticspollutionPonzi SchemeportPort LouisPort-LouispostPovertyPRPravind JugnauthPRBpresentationpresentation tipspresidentpricepricesprisonproblemprofitprojectprojectsprostitutionprotestspsacPSCpsychologyPTRpublic functionpublic servicepwcQatarQuantum Globalquatre-bornesquotesrainsRajindraparsad SeechurnRakesh GooljauryransomwareratesratingratingsRavi Yerrigadooreal estaterecallsreformreformsrefugeesreligionrentrepo ratereportRESRésidence Barklyrestaurantrestaurantsresultresultsresumeresume tipsretailReunionrevenuericeRiche-TerreriseRiviere-du-RempartRiviere-Noireroadsroche-boisRoches-Noires caseRodriguesRogersrose-belleRose-HillrosewoodRoshi BhadainRum and SugarRundheersing BheenickrupeeRussiaRwandasafetySAJsalariessalarysalesalessales tipssamsungsanctionssaudi arabiaSBIsbmSCscamscandalSCBGscholarshipscholarshipsSchoolschoolsscienceseasecuritySEMSEMDEXSenegalSeychellesShakeel MohamedShanghaisharksshootingshoppingshopping fiestashopping mallshopping mallsshowShowkutally SoodhunSICsicomSierra LeonesingaporeSITskillssmall businesssmart citysmartphonesSMeSME MauritiusSMEDASMFsmmsnapchatSobrinho casesocialsocial mediasocial networks & messengersSofitelsoftwaresolar energySomaliasonysouthsouth africaSouth China Seasouth koreasouth sudanspainsponsorshipsportSportsSquatterssri lankaSSRStar KnitwearstartupsstatisticsstatsSTCstockstock marketstocksstrategystreet vendorsStressstrikestudystudy abroadstylesuccesssuccess storysugarsugar canesummitSun ResortsSun Tan caseSunkai caseSunnystarssurveySwanSwedenSwitzerlandsyriaTAtabletsTaiwanTanzaniataxtax fraudtax heaventaxesTbillsteaTeachersteamTECtechnologytelecomtendertendersterrorismtertiarytextilethailandthethefttimetime managementtipstototaltourismtoystradetrade feetradingtrainingtrainingstransporttraveltrendsTrioletTripAdvisorTrou-aux-BichestsunamitunaTunisiaTurfTurkeyturkish airlinesTVtwittertyphoonUdMUgandaukukraineununemploymentunionsuniverseuniversityuomUSUTMvacanciesvacancyVacoasVacoas Popular Multipurpose Cooperative SocietyVacoas-PhoenixVanilla Islandsvarma caseVATVeekram BhunjunvegetablesVerizonvideoVideo of the Dayvirtual realityvisaVishnu Lutchmeenaraidoovisitvivo energyvolcanowasteWaterWaterparkWeatherwest africawhatsappWhitedot Casewi-fiwikileakswindowsWMAwomenworkwork abroadworkersWorkshopWorldWorld Bankwriting tipsWTOXavier-Luc DuvalyahooYasin DenmamodeyemenYEPYerrigadoogateyoutubeZambiazimbabwe
Mauritius
© 2010-2018 mega.mu