Dealing with a Locked iPhone

April 15th, 2016 by Oleg Afonin

So you’ve got an iPhone, and it’s locked, and you don’t know the passcode. This situation is so common, and the market has so many solutions and “solutions” that we felt a short walkthrough is necessary.

What exactly can be done to the device depends on the following factors:

Hardware Generation

iphone2

From the point of view of mobile forensics, there are three distinct generations:

  1. iPhone 4 and older (acquisition is trivial)
  2. iPhone 4S, 5 and 5C (32-bit devices, no Secure Enclave, jailbreak required, must be able to unlock the device)
  3. iPhone 5S, 6/6S, 6/6S Plus and newer (64-bit devices, Secure Enclave, jailbreak required, passcode must be known and removed in Settings)

Read the rest of this entry »

Apple Two-Factor Authentication vs. Two-Step Verification

April 1st, 2016 by Oleg Afonin

Two-step verification and two-factor authentication both aim to help users secure their Apple ID, adding a secondary authentication factor to strengthen security. While Apple ID and password are “something you know”, two-step verification (and two-factor authentication) are both based on “something you have”.

However, Apple doesn’t make it easy. Instead of using a single two-factor authentication solution (like Google), the company went for two different processes with similar usability and slightly different names. What are the differences between the two verification processes, and how do they affect mobile forensics? Let’s try to find out.
Read the rest of this entry »

Smartphone Encryption: Why Only 10 Per Cent of Android Smartphones Are Encrypted

March 21st, 2016 by Oleg Afonin

“Had San Bernardino shooter Syed Rizwan Farook used an Android phone, investigators would have had a better chance at accessing the data”, says Jack Nicas in his article in The Wall Street Journal. Indeed, the stats suggest that only 10 per cent of the world’s 1.4 billion Android phones are encrypted, compared with 95 per cent of Apple’s iPhones. Of those encrypted, a major number are using Nexus smartphones that have encryption enforced by default.

What is the reason behind this low encryption adoption rate among Android users? Let’s first have a look at how encryption is enforced by two major mobile OS manufacturers, then look at how it’s implemented by either company. Read the rest of this entry »

Apple vs. the Government: Follow-up

February 22nd, 2016 by Oleg Afonin

We are closely following the case of Apple battling the US government on unlocking the iPhone of San Bernardino mass murderer Farook who killed 14 in December 2015. In our previous post we looked at what the FBI was asking, and why Apple opposes the motion.

On February 19th, a new document shows up. The “GOVERNMENT’S MOTION TO COMPEL APPLE INC. TO COMPLY WITH THIS COURT’S FEBRUARY 16, 2016 ORDER COMPELLING ASSISTANCE IN SEARCH; EXHIBIT”. In this document (which is a highly recommended reading by the way), government attorneys summarize several important points and reply to the many Apple’s and public concerns raised after the original court order. So what do we know today about this case that we didn’t know last week?

The Passcode Is Numeric

The government states that the iPhone 5C in question is protected with a numeric password (see the above motion, p.5/13). This, in turn, means that all possible combinations can be enumerated in about 30 minutes (if the passcode consists of 4 digits) or several days (if there were 6 digits).

In other words, Apple could disable the artificial delay that increases the time between unsuccessful entries, as well disable as the provision that may wipe the phone’s data after 10 unsuccessful attempts. The company could then run an attack on the passcode (using either an in-house tool or one of the many existing forensic solutions such as Elcomsoft iOS Forensic Toolkit), and unlock the device in almost no time.
Read the rest of this entry »

A Message to Our Customers, Apple and FBI

February 18th, 2016 by Vladimir Katalov

On Tuesday, a federal judge ordered Apple to assist the authorities in breaking into a locked iPhone 5C used by Syed Farook, who killed 14 in San Bernardino in December. According to the FBI, the phone might contain critical information about connections with Islamic terrorist groups. Apple opposed the motion and published an open letter at https://www.apple.com/customer-letter/ saying that “The United States government has demanded that Apple take an unprecedented step which threatens the security of our customers. We oppose this order, which has implications far beyond the legal case at hand.”

So what is the government asking, does Apple have it, and is it technically possible to achieve what they are asking? Let’s try to find out.

Read the rest of this entry »

Discounts and Novelties From Our ElcomShop!

February 5th, 2016 by Olga Koksharova

Dear friends, here we come with a set of novelties from our ElcomShop. We’ve made a few new designs and added new fancy products, such as long sleeve shirts for girls and baseball caps for boys and separately for dads 🙂 and mugs for everyone. All company designs applied to a wide and varied range of products can be found in our shop window.

Good quality souvenirs from our shop will brighten your day and please your eyes. Placing an order is as easy as 1-2-3, simply choose an item, specify its color and size – and voila. And the best part of your order is that you don’t have to pay for delivery!

Yes, enjoy your absolutely free standard shipping for all orders over $50 till February 16, 2016. Use your exclusive coupon code FREESHIP2016 in order to save on delivery, and have a lovely shopping!

newitems

Elcomsoft Phone Breaker 5.20: Direct iCloud Access and iOS 9.3 Support

February 4th, 2016 by Oleg Afonin

Apple is currently testing a new major iOS release, the iOS 9.3. At this time, the second beta version is available. We looked into what has changed in the new OS, and discovered that iOS 9.3 introduces some minor changes to encryption of certain data stored in cloud backups. However minor, these changes effectively prevented older versions of Elcomsoft Phone Breaker from decrypting the data, which made us release an update ASAP. In addition, we were able to discover and fix the issue with some iOS 9.2 backups not properly decrypting (which wasn’t easy since the issue was intermittent). Finally, we got rid of the requirement to have iCloud for Windows installed as Elcomsoft Phone Breaker shifts to using direct access API.
Read the rest of this entry »

Hacking For Dummies by Kevin Beaver (5th edition)

January 29th, 2016 by Olga Koksharova

HFDIt is our greatest pleasure to recommend the newest edition of “Hacking For Dummies” by Kevin Beaver, an independent IT security consultant, a practical guide on computer and mobile security updated to the current state of industry. With a natural talent of word Kevin easily guides you through security issues in a very clear and consistent manner, so that all major aspects of IT security, authentication and pen-testing are covered. With such a harmonious and sequential unveiling of security subjects as in this book, it is much easier to dig deeper into particular questions of your own interest.

We know Kevin Beaver from long ago, since that very happy moment when he decided to check out our software and see how it works. Having tried all our tools and providing professional feedback Kevin immensely contributed towards our software developments.

Now it’s a great honor for us to be mentioned in various editions of his book, including the latest one, with reference to practically all of our programs, primarily because they are all meant for getting access to password protected data or encrypted disks and crypto containers. Reverse engineering and data decryption is our main focus since the very beginning of the company. However, lately the focus of our attention has been slowly drifting more “into the cloud” taking the shape of such products as Elcomsoft Explorer for WhatsApp or Elcomsoft Cloud eXplorer for Google Accounts. And it is not a coincidence that Kevin’s book covers cloud security topic as well. So, get these 408 pages of hacks and tips against them right meow and enjoy your reading.

RSS for posts
RSS for comments
Subscribe
ElcomSoft on Facebook
ElcomSoft on Flickr
ElcomSoft on Twitter
    follow me on Twitter