A Russian security firm found out backup on iOS 10 read more at here www.spinonews.com/index.php/item/1015-a-russian-security-firm-found-out-backup-on-ios-10

The latest iOS incremental update brought a lot of new features to Apple devices, but it seems the update missed out on securing one aspect of the device privacy.

According to Forbes, iOS 10 allows hackers easy unauthorized access to backups stored in local storage.

The claim comes from Elcomsoft, a well-known Russian forensics company, that specializes in creating tools to break into iPhones came across the vulnerability first, as it worked to update its phone-breaking tools.

The security form found out backup on iOS 10 uses a new password verification mechanism that reportedly skips multiple security checks.

In iOS 10 backups and password are protected, but when a hacker gets access to any one of these backup files without the password, he can crack the encryption approximately 2500 times faster compared to the old mechanism used in iOS 9 and older.

Earlier, the company could only process 2,400 passwords per second, but now it can process 6 million passwords at the same time using iOS 10.

Elcomsoft noted that while breaking into the physical phone or iCloud has been made increasingly difficult, accessing backups stored on the computer can potentially put your data under risk.

Apple said, an issue that affects the encryption strength for backups of devices on iOS 10 when backing up to iTunes on the Mac or PC. We are addressing this issue in an upcoming security update. This does not affect iCloud backups.

We recommend users ensure their Mac or PC are protected with strong passwords and can only be accessed by authorized users. Additional security is also available with FileVault whole disk encryption.

 

 

Comments