iPhone passcodes got hacked by Russian security firm

Apple devices running the latest iOS version 4 are now susceptible to having their passcodes hacked. This would allow someone complete access to your stored data.
Russian security firm ElcomSoft claims to be the first company to have cracked the encryption system used to protect the iPhone, iPod touch and iPad. Alarmingly, it plans to sell the software to the highest bidder.
The hack, which requires direct access to the mobile device, involves a combination of brute force attack (trying out every likely combination of a password) and breaking the encryption system itself.
ElcomSoft admits that "explaining what we did to break this encryption is not exactly easy", but it basically involved decrypting security keys which are generated as a combination of the unique device ID and the user's passcode.
The hack somewhat relies on user reluctance to implement strong passwords. iOS devices allow the use of four-digit passcodes, akin to PINs, which are fairly easy to remember and enter on the touchscreen. As there are only 10,000 available combinations, finding the code shouldn't take long.
It's also possible to use longer passwords, but they require use of the on-screen keyboard in portrait mode, and can become a pain to enter every time the device needs to be unlocked. As with all password choices, using longer, non-dictionary words make Apple's mobile devices virtually uncrackable. This is particularly true if the backups stored in iTunes are also protected.
ElcomSoft is planning to sell its cracking software, but promises it will only distribute to "established law enforcement, forensic and intelligence agencies." We'll resist the urge to get political, and leave it to your imagination who might end up with this software. That's assuming it's not already on BitTorrent.
What isn't clear is whether the Apple's "nuke" function, which can be set to wipe data after a number of failed authorisation attempts, kicks in or if that has somehow been sidestepped.
Our advice? Don't put sensitive stuff on your iPhone or iPad. If your iPhone is stolen or confiscated, you should remotely wipe it.


Voice Of GREYHAT is a non-profit Organization propagating news specifically related with Cyber security threats, Hacking threads and issues from all over the spectrum. The news provided by us on this site is gathered from various Re-Sources. if any person have some FAQ's in their mind they can Contact Us. Also you can read our Privacy Policy for more info. Thank You ! -Team VOGH
If you enjoyed VOGH News, Articles Then Do Make sure you to Subscribe Our RSS feed. Stay Tuned with VOGH and get Updated about Cyber Security News, Hacking Threads and Lots More. All our Articles and Updates will directly be sent to Your Inbox. Thank You! -Team VOGH



Post a Comment

Related Posts Plugin for WordPress, Blogger...