Eighteen Years of GPU Acceleration
November 27th, 2025 by Oleg Afonin
Eighteen years ago, before “GPU acceleration” and “AI data center” became household terms, a small hi-tech company changed the rules of cryptography. In 2007, we unveiled a radical idea – using the untapped power of graphics processors to recover passwords, which coincided with the release of video cards capable of performing fixed-point calculations. What began as an experiment would soon redefine performance computing across nearly every field.
Apple, FBI and iPhone Backup Encryption: Everything You Wanted to Know
January 7th, 2021 by Vladimir Katalov
Shame on us, we somehow missed the whole issue about Apple dropping plan for encrypting backups after FBI complained, even mentioned in The Cybersecurity Stories We Were Jealous of in 2020 (and many reprints). In the meantime, the article is full of rumors, guesses, and unverified and technically dubious information. “Fake news”, so to say. Is there truth to the rumors, and what does Apple do and does not do when it comes to encrypting your personal information?
Apple Scraps End-to-End Encryption of iCloud Backups
January 6th, 2021 by Oleg Afonin
Reportedly, Apple dropped plan for encrypting backups after FBI complained. Apple’s decision will undoubtedly cause turmoil and will have a number of consequences. In this article, I want to talk about the technical reasons for encrypting or not encrypting cloud backup, and compare Apple’s approach with the data encryption strategies used by Google, who have been encrypting Android backups for several years.
Understanding BitLocker TPM Protection
January 5th, 2021 by Andrey Malyshev
Investigating a BitLocker-encrypted hard drive can be challenging, especially if the encryption keys are protected by the computer’s hardware protection, the TPM. In this article, we’ll talk about the protection that TPM chips provide to BitLocker volumes, and discuss vulnerabilities found in today’s TPM modules.
2020 in Review: What Was New in Desktop and Mobile Forensics
December 28th, 2020 by Oleg Afonin
This year is different from many before. The Corona pandemic, the lack of travel and canceled events had changed the business landscape for many forensic companies. Yet, even this year, we made a number of achievements we’d love to share.
NAS Forensics: QNAP Encryption Analysis
December 23rd, 2020 by Oleg Afonin
A year ago, we analyzed the encryption used in Synology NAS devices. We were somewhat disappointed by the company’s choice to rely on a single encryption layer with multiple functional restrictions and security reservations. Today we are publishing the results of our analysis of data encryption used in QNAP devices. Spoiler: it’s very, very different.
iPhone Backups: Top 5 Default Passwords
December 22nd, 2020 by Vladimir Katalov
The iPhone backup is one of the hottest topics in iOS forensics. iTunes-style backups are the core of logical acquisition used by forensic specialists, containing overwhelming amounts of evidence that is is unrivaled on other platforms. The backups, as simple as they seem, have many “ifs” and “buts”, especially when it comes to password protection. We wrote a thousand and one articles about iOS backup passwords, but there is always something fresh that comes out. Today we have some new tips for you.
New Privacy Features: iOS 14.0 through 14.3
December 18th, 2020 by Oleg Afonin
Apple has long provided its users the tools to control how apps and Web sites use their personal data. The release of iOS 14 brought a number of new privacy features, while iOS 14.3 adds an important extra. At the same time, one of the most interesting privacy features is facing tough opposition from a group of digital advertising associations, making Apple postpone its implementation.
Breaking Passwords with NVIDIA RTX 3080 and 3090
December 17th, 2020 by Oleg Afonin
Today we have an important date. Advanced Office Password Recovery turned 16. What started as an instant recovery tool for legacy versions of Microsoft Word had now become a GPU-accelerated toolkit for breaking the many Microsoft formats. Today we’re releasing a major update, giving Advanced Office Password Recovery and Distributed Password Recovery tools the ability to crunch passwords faster with the newest and latest NVIDIA 3000-series graphic boards. Powered by Ampere, the new generation of GPUs delivers unprecedented performance in modern video games. How do the new cards fare when it comes to accelerating the password recovery, and is an upgrade worth it for the forensic experts? Let’s find out.
Recovering Screen Time Passwords
December 15th, 2020 by Vladimir Katalov
The Screen Time password has been long recommended as an extra security layer. By setting a Screen Time password without any additional restrictions, Apple users could easily dodge attempts of changing or removing the screen lock passcode, resetting the iTunes backup password, or removing the activation lock. For a long time, removing the Screen Time password was not possible without either providing the original password or erasing the device. However, Apple had changed the way it works, making it possible to reset the Screen Time password with an iCloud/Apple ID password.
Elcomsoft vs. Hashcat Part 4: Case Studies
December 9th, 2020 by Andrey Malyshev
This is the final part of the series of articles comparing Elcomsoft Distributed Password Recovery with Hashcat. We’ve already compared the features, the price and performance of the two tools. In this study, we tried breaking passwords to several common formats, including Word document, an encrypted ZIP archive, and a VeraCrypt container. We summarized our experiences below.
