Major security breaches occur in quick succession one after another. Is it a chain reaction? How do we stop it?

BitLocker, PGP and TrueCrypt set industry standard in the area of whole-disk and partition encryption. All three tools provide strong, reliable protection, and offer a perfect implementation of strong crypto.

Preface

Switching iPhones into a DFU (Device Firmware Update) mode is a hassle. Power off, press that and hold those that many seconds, release this but continue holding that until hopefully something happens on the phone. Many iPhone users have major troubles switching their iPhones into DFU mode. Luckily for them, they don’t have to do the Apple Dance too often.

We’ve analyzed 17 popular password management apps available for Apple iOS and BlackBerry platforms, including free and commercially available tools, and discovered that no single password keeper app provides a claimed level of protection. None of the password keepers except one are utilizing iOS or BlackBerry existing security model, relying on their own implementation of data encryption. ElcomSoft research shows that those implementations fail to provide an adequate level of protection, allowing an attacker to recover encrypted information in less than a day if user-selectable Master Password is 10 to 14 digits long.

We runned yet another Password Usage Bahaviour survey on our Web site and gthered statistically significant data, reflected in the following charts. And the main conclusion was that most people working with sensitive information want stricter security policies but rarely bother changing default passwords.

SANS Information Security Reading Room has recently publicized a whitepaper about iOS security where they mentioned our software – Elcomsoft iOS Forensic Toolkit – in a section about encryption. Kiel Thomas, the author of the whitepaper, explained one more time the main principles of iOS 4 encryption, which became stronger in comparison with iOS 3.x and how our toolkit can bypass new strong algorithms.