Archive for the ‘General’ category

Stick It To The Man

October 9th, 2020 by Kevin Mitnick

The year was 2008, and I had been staying at a hotel in Bogota. This trip was just one of many to Colombia that year. Before my trip, I’d had my former girlfriend, Darci, stop by and help me swap out the hard drive in my MacBook Pro laptop. Remember, this is 2008, and at the time, replacing a drive in a MacBook Pro wasn’t nearly as easy as replacing hard drives these days. Darci swapped out my original hard drive with a brand-new drive, which I then formatted and installed macOS on. I had her swap the drive out for security reasons. I didn’t want to cross the border into a foreign country with all of my client data. Especially not after what happened to me in Atlanta! But we’ll get to that later.

Everyone’s iPhone contains an overwhelming amount of highly sensitive personal information. Even if some of that data is not stored on the device, the iPhone itself or the data inside can work as a key to many other things, from bank accounts to private family life. While there are many possible vectors of attack, the attacker will always try exploiting the weakest link. Learn to think like one, find the weakest link and eliminate the potential vulnerabilities before they are exploited. This guide comes from the forensic guys making tools for law enforcement, helping the good guys break into the bad guys’ iPhones.

19 years ago, on July 16, 2001, the FBI arrested Dmitry Sklyarov, almost immediately after his speech at the DEF CON hacker conference, on a number of charges by Adobe. Dmitry was accused of many things, from software trafficking to conspiring with Elcomsoft and “third parties”, who put up for sale the software that could bypass technological protection on copyrighted material. Dmitry’s career at Elcomsoft began with a project on gaining access to protected Access databases. Soon, Dmitry got an idea about the security of PDF documents, and so he started working on it. From this idea the never-to-be-forgotten Advanced eBook Processor was born, because of which Dmitry was arrested in 2001 at DEF CON in Las Vegas, NV.

Having trouble installing the checkra1n jailbreak? If you do it right, you achieve a nearly 100% success rate. We have collected the most important information on how to install and troubleshoot the checkra1n jailbreak. By following this advice, you will be able to jailbreak like a pro, whether you just want to research your own device or perform file system and keychain acquisition.

How can you obtain the highest amount of data from an iPhone, iPad, Apple TV or Apple Watch? This is not as simple as it may seem. Multiple overlapping extraction methods exist, and some of them are limited to specific versions of the OS. Let’s go through them and summarize their availability and benefits.

Is jailbreaking an Apple TV worth it? If you work in forensics, it definitely is. When connected to the user’s Apple account with full iCloud access, the Apple TV synchronizes a lot of data. That data may contain important evidence, and sometimes may even help access other iCloud data. I have some great news for the forensic crowd: the Apple TV does not have a passcode. And some bad news: jailbreaking is not as easy and straightforward as we’d like it to be. Let’s have a look at what can be done.

There is a bit of confusion about our software designed to allow breaking into password-protected systems, files, documents, and encrypted containers. We have as many as three products (and five different tools) dealing with the matter: Elcomsoft Forensic Disk Decryptor (with an unnamed memory dumping tool), Elcomsoft System Recovery and Elcomsoft Distributed Password Recovery, which also includes Elcomsoft Hash Extractor as part of the package. Let’s briefly go through all of them. Hopefully it will help you select the right product for your needs and save time in your investigation.

“We shouldn’t ask our customers to make a tradeoff between privacy and security. We need to offer them the best of both. Ultimately, protecting someone else’s data protects all of us.” Guess who said that? The answer is at the end of the article. In the meantime, we keep talking about iPhone and iOS security, following up on the Apple vs. Law Enforcement – iOS 4 through 13.5 article. This time we are about to discuss some other aspects of iOS security.

Last week, Microsoft Edge became the second most popular desktop Web browser based on NetMarketShare usage figures. The new, Chromium-powered Edge offers impressive levels of customization and performance, and much better compatibility with Web sites. The new browser is available on multiple platforms including older versions of Windows. With Chromium-based Edge quickly gaining momentum, we felt the urge to research its protected storage.

Modern encryption tools employ strong encryption with multiple hash iterations, making passwords extremely difficult to break. The November article “What is password recovery and how it is different from password cracking” explains the differences between instantly accessing protected information and attempting to break the original plain-text password. In that article, I briefly mentioned GPU acceleration and distributed attacks as methods to speed up the recovery. In this article, I’ll discuss the two acceleration techniques in more detail.