Intelligent Load Balancing: Optimizing Password Recovery Across Heterogeneous Units

November 14th, 2024 by Oleg Afonin

In the latest update of Elcomsoft Distributed Password Recovery (EDPR), we’ve introduced a revamped load-balancing feature. The new feature aims to enhance resource utilization on local workstations across diverse hardware configurations. This update has drastically reduced the time required to break passwords in certain hardware configurations, thanks to a refined load distribution algorithm. In this article, we’ll share some technical details on how load balancing leverages a mix of GPUs and CPU cores.

Forensic Implications of iOS Lockdown (Pairing) Records

November 25th, 2016 by Oleg Afonin

In recent versions of iOS, successful acquisition of a locked device is no longer a given. Multiple protection layers and Apple’s new policy on handling government requests make forensic experts look elsewhere when investigating Apple smartphones.

iOS Call Syncing: How It Works

November 17th, 2016 by Vladimir Katalov

In our previous article, we figured out that iPhone call logs are synced with iCloud. We performed multiple additional tests to understand exactly how it works, and are trying to guess why.

iPhone User? Your Calls Go to iCloud

November 17th, 2016 by Oleg Afonin

iCloud sync is everywhere. Your contacts and calendars, system backups and photos can be stored in the cloud on Apple servers. This time, we discovered that yet another piece of data is stored in the cloud for no apparent reason. Using an iPhone with an active iCloud account? Your calls will sync with iCloud whether you want it or not. In fact, most users we’ve heard from don’t want this “feature”, yet Apple has no official way to turn off this behavior other than telling people “not using the same Apple ID on different devices”. What’s up with that? Let’s try to find out.

Our First Book is Officially Out

October 10th, 2016 by Oleg Afonin

Today we are super excited: our first book on mobile forensics just got published! The book is called “Mobile Forensics – Advanced Investigative Strategies”, and is about everything you need to successfully acquire evidence from the widest range of mobile devices. Unlike most other books on this subject, we don’t just throw file names or hex dumps at you. Instead, we discuss the issues of seizing mobile devices and preserving digital evidence before it reaches the lab, talk about the acquisition options available in every case, and help you choose the correct acquisition path to extract evidence in the least time and with minimal risk.

Elcomsoft Cloud Explorer: Extracting Call Logs and Wi-Fi Passwords

October 3rd, 2016 by Oleg Afonin

Google is pushing Android to make it a truly secure mobile OS. Mandatory encryption and secure boot make physical acquisition of new Android devices a dead end.

iOS 10: Security Weakness Discovered, Backup Passwords Much Easier to Break

September 23rd, 2016 by Oleg Afonin

We discovered a major security flaw in the iOS 10 backup protection mechanism. This security flaw allowed us to develop a new attack that is able to bypass certain security checks when enumerating passwords protecting local (iTunes) backups made by iOS 10 devices.

Breaking FileVault 2 Encryption Through iCloud

August 29th, 2016 by Oleg Afonin

FileVault 2 is a whole-disk encryption scheme in Apple’s Mac OS X that uses secure XTS-AES encryption to protect the startup partition. Brute-forcing your way into a crypto container protected with a 256-bit key is a dead end.

iCloud Photo Library: All Your Photos Are Belong to Us

August 25th, 2016 by Oleg Afonin

Releasing a major update of a complex forensic tool is always tough. New data locations and formats, new protocols and APIs require an extensive amount of research. Sometimes, we discover things that surprise us. Researching Apple’s iCloud Photo Library (to be integrated into Elcomsoft Phone Breaker 6.0) led to a particularly big surprise. We discovered that Apple keeps holding on to the photos you stored in iCloud Photo Library and then deleted, keeping “deleted” images for much longer than the advertised 30 days without telling anyone. Elcomsoft Phone Breaker 6.0 becomes the first tool on the market to gain access to deleted images going back past 30 days.

iOS Logical Acquisition: The Last Hope For Passcode-Locked Devices?

August 11th, 2016 by Oleg Afonin

For many months, a working jailbreak was not available for current versions of iOS. At the end of July, Pangu released a public jailbreak for iOS 9.2-9.3.3. A few days ago, Apple patched the exploit and started seeding iOS 9.3.4. This was the shortest-living jailbreak in history.
