Archive for the ‘Tips & Tricks’ Category

Dealing with a Locked iPhone

Friday, April 15th, 2016

So you’ve got an iPhone, and it’s locked, and you don’t know the passcode. This situation is so common, and the market has so many solutions and “solutions” that we felt a short walkthrough is necessary.

What exactly can be done to the device depends on the following factors:

Hardware Generation

iphone2

From the point of view of mobile forensics, there are three distinct generations:

  1. iPhone 4 and older (acquisition is trivial)
  2. iPhone 4S, 5 and 5C (32-bit devices, no Secure Enclave, jailbreak required, must be able to unlock the device)
  3. iPhone 5S, 6/6S, 6/6S Plus and newer (64-bit devices, Secure Enclave, jailbreak required, passcode must be known and removed in Settings)

(more…)

Apple Two-Factor Authentication vs. Two-Step Verification

Friday, April 1st, 2016

Two-step verification and two-factor authentication both aim to help users secure their Apple ID, adding a secondary authentication factor to strengthen security. While Apple ID and password are “something you know”, two-step verification (and two-factor authentication) are both based on “something you have”.

However, Apple doesn’t make it easy. Instead of using a single two-factor authentication solution (like Google), the company went for two different processes with similar usability and slightly different names. What are the differences between the two verification processes, and how do they affect mobile forensics? Let’s try to find out.
(more…)

Hacking For Dummies by Kevin Beaver (5th edition)

Friday, January 29th, 2016

HFDIt is our greatest pleasure to recommend the newest edition of “Hacking For Dummies” by Kevin Beaver, an independent IT security consultant, a practical guide on computer and mobile security updated to the current state of industry. With a natural talent of word Kevin easily guides you through security issues in a very clear and consistent manner, so that all major aspects of IT security, authentication and pen-testing are covered. With such a harmonious and sequential unveiling of security subjects as in this book, it is much easier to dig deeper into particular questions of your own interest.

We know Kevin Beaver from long ago, since that very happy moment when he decided to check out our software and see how it works. Having tried all our tools and providing professional feedback Kevin immensely contributed towards our software developments.

Now it’s a great honor for us to be mentioned in various editions of his book, including the latest one, with reference to practically all of our programs, primarily because they are all meant for getting access to password protected data or encrypted disks and crypto containers. Reverse engineering and data decryption is our main focus since the very beginning of the company. However, lately the focus of our attention has been slowly drifting more “into the cloud” taking the shape of such products as Elcomsoft Explorer for WhatsApp or Elcomsoft Cloud eXplorer for Google Accounts. And it is not a coincidence that Kevin’s book covers cloud security topic as well. So, get these 408 pages of hacks and tips against them right meow and enjoy your reading.

Forensic Acquisition: Android

Friday, January 29th, 2016

While here at ElcomSoft we offer a limited range of tools for acquiring Android devices that’s pretty much limited to over-the-air acquisition, we are still often approached with questions when one should use cloud extraction, and when other acquisition methods should be used. In this article, we decided to sum up our experience in acquiring the various Android devices, explaining why we decided to go for a cloud acquisition tool instead of implementing the many physical and logical extraction methods. This article is a general summary of available acquisition methods for the various makes, models, chipsets and OS versions of Android smartphones. The article is not intended to be a technical guide; instead, it’s supposed to give you a heads-up on approaching Android acquisition.

(more…)

Google Timeline: How Law Enforcement Can Use Google Data

Monday, January 25th, 2016

As we all know, Google collects and processes an awful lot of data about pretty much everyone who is using the company’s cloud services or owns a smartphone running the Android OS (or, to be precise, is using a device with Google Mobile Services). Just how much data is available was described in our previous article, What Google Knows about You, and Why It Matters. Today, we’ll discuss something slightly different. Meet Google Timeline, a relatively new feature extending the company’s Maps service.

(more…)

What Google Knows About You, and Why It Matters

Tuesday, December 22nd, 2015

In today’s thoroughly connected world, everyone shares at least some of their personal information with, well, strangers. Voluntarily or not, people using personal computers or mobile devices have some of their information transmitted to, processed, stored and used by multiple online service providers.

Took a selfie shot? Your face (and possibly your friends’ faces) will be marked, and the photo will be uploaded to one or another cloud storage provider on your behalf. Used your phone to look up a place to eat? Your search will be remembered and used later on to push you suggestions next time when you’re around. Emails and messages that you write, persons you communicate with, your comprehensive location history and all the photos you shoot (accompanied with appropriate geotags) are carefully collected, processed and stored. Web sites you visit along with logins and passwords, your complete browsing history and pretty much everything you do with your phone can and probably will be recorded and used on you to “enhance your experience”.

Some service providers collect more information than others. Google appears to be the absolute champion in this regard. Being a major service provider penetrating into every area of our lives, Google collects, stores and processes overwhelming amounts of data.

(more…)

Elcomsoft Distributed Password Recovery Updated with OS X Keychain Support and Enhanced GPU Acceleration

Thursday, November 26th, 2015

We’ve recently updated Elcomsoft Distributed Password Recovery, adding enhanced GPU-assisted recovery for many supported formats. In a word, the new release adds GPU-accelerated recovery for OS X keychain, triples BitLocker recovery speeds, improves W-Fi password recovery and enhances GPU acceleration support for Internet Key Exchange (IKE).

(more…)