The Evolution of iOS Passcode Security
January 31st, 2025 by Oleg Afonin
Over the years, Apple has continuously refined its security mechanisms to deter unauthorized access to their devices. One of the most significant aspects of this evolution is the increasingly sophisticated passcode protection system in iOS devices. This article explores how the delay between failed passcode attempts has evolved over time, highlighting changes that have made iOS screen lock protection more secure.
Breaking Wi-Fi Passwords with Intel Arc Graphics Cards
May 30th, 2023 by Oleg Afonin
Intel has unveiled its latest lineup of dedicated graphics cards, driven by the powerful Intel Xe architecture. The Intel Arc series showcases impressive performance, rivaling mid-range offerings from competing brands, while maintaining an exceptional price-performance ratio that outperforms NVIDIA’s counterparts. In this article, we explore the potential of Intel Arc GPUs for forensic password recovery and delve into their performance capabilities, comparing them with both Intel’s built-in graphics and mid-range NVIDIA RTX boards.
NVIDIA RTX 40 Series Graphics Cards: The Faster and More Efficient Password Recovery Accelerators
May 18th, 2023 by Oleg Afonin
Every three years, NVIDIA releases a new architecture used in their GeForce series graphics cards. Powered by Ada Lovelace, the new generation of GPUs delivers 80% better performance in password recovery compared to Ampere. While the new generation of NVIDIA graphics is faster and more efficient than Ampere, it also received a price hike. Is the update worth it for the forensic experts? Let’s try to find out.
iOS Forensic Toolkit and Open Source
May 4th, 2023 by Oleg Afonin
As a provider of mobile forensic tools, we at Elcomsoft strongly believe in giving back to the community. Our iOS Forensic Toolkit (EIFT) is a highly complex and powerful mobile acquisition tool, consisting of almost eighty sub-projects, many of which are open source. While we have benefited from the contributions of the community, we also believe that it’s time to contribute back to the open source community by publishing our changes to those projects as required by their permissive license.
Low-level Extraction for iOS 15
May 2nd, 2023 by Oleg Afonin
Last month, we introduced a new low-level mechanism, which enabled access to parts of the file system from many Apple devices. The partial extraction process relies on a weak exploit that did not allow full sandbox escape. Today, the limitations are gone, and we are proud to offer the full file system extraction and keychain decryption for the entire iOS 15 range up to and including iOS/iPadOS 15.7.2.
Analyzing iPhone PINs
April 18th, 2023 by Oleg Afonin
In recent years, Apple had switched from 4-digit PINs to 6 digits, while implementing blacklists of insecure PIN codes. How do these measures affect security, how much more security do six-digit PINs deliver compared to four-digit PINs, and do blacklists actually work? Let’s try to find out.
Automating Scrolling Screenshots with Raspberry Pi Pico
April 13th, 2023 by Oleg Afonin
The recent update to iOS Forensic Toolkit brought two automations based on the Raspberry Pi Pico board. One of the new automations makes it possible to make long, scrollable screen shots in a semi-automatic fashion. In this article we will show how to build, program, and use a Raspberry Pi Pico board to automate scrolling screenshots.
Automating DFU Mode with Raspberry Pi Pico
April 12th, 2023 by Vladimir Katalov
The latest update to iOS Forensic Toolkit brings two new features, both requiring the use of a Raspberry Pi Pico board. The first feature automates the switching of iPhone 8, iPhone 8 Plus, and iPhone X devices into DFU, while the second feature adds the ability to make long, scrollable screen shots in a semi-automatic fashion. In this article we will show how to build, program, and use a Raspberry Pi Pico board to automate DFU mode.
Perfect Acquisition Part 4: The Practical Part
April 11th, 2023 by Elcomsoft R&D
Welcome to Part 4 of the Perfect Acquisition series! In case you missed the other parts (1, 2, and 3), please check them out for more background information, or dive straight in and learn how to perform Perfect HFS Acquisition yourself. This section contains a comprehensive guide on how to perform the Perfect HFS Acquisition procedure.
Perfect Acquisition Part 3: Perfect HFS Acquisition
April 6th, 2023 by Elcomsoft R&D
Welcome to Part 3 of the Perfect Acquisition series! If you haven’t read Part 1 and Part 2 yet, be sure to check them out before proceeding with this article. In this section, we will introduce our newly developed Perfect HFS Acquisition method, which enables the extraction of data from legacy iOS devices that do not have SEP and utilize the HFS file system.
HomePod Forensics III: Analyzing the Keychain and File System
April 4th, 2023 by Oleg Afonin
In the previous articles we explained how to connect the first-generation HomePod to a computer, apply the exploit, extract a copy of the file system and decrypt the keychain. Since the HomePod cannot be protected with a passcode and does not allow installing apps, we were wondering what kinds of data the speaker may have and what kinds of passwords its keychain may store.
