Intelligent Load Balancing: Optimizing Password Recovery Across Heterogeneous Units

November 14th, 2024 by Oleg Afonin

In the latest update of Elcomsoft Distributed Password Recovery (EDPR), we’ve introduced a revamped load-balancing feature. The new feature aims to enhance resource utilization on local workstations across diverse hardware configurations. This update has drastically reduced the time required to break passwords in certain hardware configurations, thanks to a refined load distribution algorithm. In this article, we’ll share some technical details on how load balancing leverages a mix of GPUs and CPU cores.

Read the rest of this entry »

Elcomsoft and The Case of the Apple iPad

November 12th, 2020 by Shafik Punja

For almost a decade, if not longer, I have collaborated with Vladimir Katalov on various digital forensics research topics.  He has always been a great source of guidance, especially on iOS related challenges.  When he offered me a standing invitation to post on the Elcomsoft Blog, I felt very humbled and honored to be given the opportunity to post on the ElcomSoft Blog, and I would like to thank the ElcomSoft team.  This article has also been prepared together, with Vladimir Katalov.

Read the rest of this entry »

iOS 14.2, iOS 12.4.9, the Updated checkra1n 0.12 Jailbreak and File System Extraction

November 11th, 2020 by Vladimir Katalov

It’s been a week since Apple has released iOS 14.2 as well as iOS 12.4.9 for older devices. Just a few days later, the developers updated the checkra1n jailbreak with support for new devices and iOS versions. What does that mean for iOS forensics? Let’s have a look; we have done some testing, and our discoveries are positively consistent with our expectations. Just one exception: to our surprise, Apple did not patch the long lasting vulnerability in iOS 12.4.9 that leaves the door open to full file system extraction and keychain acquisition without jailbreaking.

Read the rest of this entry »

Protecting iMessage Communications

November 4th, 2020 by Oleg Afonin

How secure are your chats in your favorite instant messenger? Can someone intercept and read your secret conversations, and can you do something about it? Apple users have access to the highly popular instant messaging system, the iMessage. But how secure it really is? Let’s find out.

Read the rest of this entry »

Breaking Intuit Quicken and QuickBooks Passwords in 2021

November 2nd, 2020 by Oleg Afonin

Intuit Quicken is one of the oldest tools of its kind. Over the years, Quicken had become the de facto standard for accounting, tax reporting and personal finance management in North America.

Read the rest of this entry »

Five Hundred Posts

October 30th, 2020 by Vladimir Katalov

Believe me or not, but this is exactly the 500th post in our blog! The first one was posted in March 2009 and was about Distributed Password Recovery and GPU acceleration. At that time, we even did not do mobile or cloud forensics. Today it’s not about our achievements. I want to thank you for being with us, and share a few bits and pieces about our blog that you may find handy or at least amusing.

Read the rest of this entry »

The Forensic View of iMessage Security

October 29th, 2020 by Vladimir Katalov

Apple iMessage is an important communication channel and an essential part of forensic acquisition efforts. iMessage chats are reasonably secure. Your ability to extract iMessages as well as the available sources of extraction will depend on several factors. Let’s discuss the factors that may affect your ability to extract, and what you can do to overcome them.

Read the rest of this entry »

May the [Brute] Force Be with You!

October 28th, 2020 by Vladimir Katalov

Remember the good old times when there was a lot of applications with “snake oil” encryption? You know, the kind of “peace of mind” protection that allowed recovering or removing the original plaintext password instantly? It is still the case for a few “we-don’t-care” apps such as QuickBooks 2021, but all of the better tools can no longer be cracked that easily. Let’s review some password recovery strategies used in our software today.

Read the rest of this entry »

Extracting the iPhone: (No) Tools Required?

October 27th, 2020 by Vladimir Katalov

If the iPhone is locked with a passcode, it is considered reasonably secure. The exception are some older devices, which are relatively vulnerable. But what if the passcode is known or is not set? Will it be easy to gain access to all of the data stored in the device? And why do we have the countless forensic tools –is analysis and reporting the sole reason for their existence? Not really. If you’ve been wondering what this acquisition thing is all about, this article is for you.

Read the rest of this entry »

13 Years of GPU Acceleration

October 22nd, 2020 by Oleg Afonin

Today, we have an important date. It’s been 13 years since we invented a technique that reshaped the landscape of modern password recovery. 13 years ago, we introduced GPU acceleration in our then-current password recovery tool, enabling the use of consumer-grade gaming video cards for breaking passwords orders of magnitude faster.

Read the rest of this entry »

iOS Extraction Without a Jailbreak: Finally, Zero-Gap Coverage for iOS 9 through iOS 13.5 on All Devices

October 21st, 2020 by Oleg Afonin

We have plugged the last gap in the range of iOS builds supported on the iPhone 5s and 6. The full file system extraction and keychain decryption is now possible on these devices regardless of the version of iOS they are running – at least if that’s iOS 9 or newer. For all other iOS devices up to and including the iPhone 11 Pro Max, we can extract them without a jailbreak if they are running iOS 9 through 13.5 without exceptions. Read how we made this possible.

Read the rest of this entry »