Bypassing Stolen Device Protection: Alternative Ways of Installing the Extraction Agent
June 24th, 2026 by Oleg Afonin
Stated plainly: iOS Forensic Toolkit can now get past Stolen Device Protection. There is a catch, and it belongs up front: this is not a magic unlock, and anyone selling it as one is selling something. What we have built is a way to install the extraction agent without ever pairing the iPhone to the workstation over a USB port. Because the most disruptive thing SDP does to a forensic workflow is place Face ID or Touch ID in front of that pairing step, bypassing the pairing step bypasses the gate. You still need the device passcode, a paid Apple Developer account, and a device you are authorized to examine. With those in hand, SDP is no longer the wall it was a month ago.
Office 2010: two times more secure
July 28th, 2009 by Andrey Malyshev
We are waiting for release of new Microsoft office suite – Office 2010. Right now Microsoft has only technical preview of new Office; this preview has been leaked from Microsoft and everyone can download it with the help of torrent trackers. We’ve got a copy of Office 2010 and analysed its (new) password protection.
ElcomSoft News
July 22nd, 2009 by Katerina Korolkova, Direktur Humas
As the second summer month is coming to an end, it’s time to sum up our news and updates that you might have missed because of vacation in some tropical heaven. Last two weeks brought us really hot days, not only because of the temperature in Moscow City but also due to hard work on program updates. Here is the news:
Password masking: myths and truths
July 7th, 2009 by Vladimir Katalov
In brief, here is the "problem": for years (I think starting from Windows 3.0 released almost 20 years ago), the passwords are being masked as you type them (in most programs what have any kind of password protection, and an operating system itself), i.e. replaced with asterisks or black circles. What for? To prevent the password from being read by someone who stands behind you.
Disaster Recovery and its key objectives
July 6th, 2009 by Olga Koksharova
New statistics* shows disaster recovery (DR) is getting more attention, and more upper level execs become involved with DR issues. Ideally, each company should have an emergency plan in case of power/system failure, loss of access, outside attack, sabotage or else – called DRP (disaster recovery plan) or even DRRP (disaster response and recovery plan). DRP is only a part of risk management practices which ensure emergency preparedness and risk reduction and include such initiatives as regular data backups, stocking recovery software, archiving, etc. – these activities are reflected in PMI and NIST standards.
Encryption and decryption from security law perspective (Part II)
July 3rd, 2009 by Olga Koksharova
In my previous post I suggested several variants of computer security translated by different laws. Now I’d like to get to ciphers…again viewed by law.
Rumored AMD Phenom II X4 TWKR chips accessible?
July 1st, 2009 by Olga Koksharova
Not long ago I wrote about AMD’s TWKR when the first rumors reached the media. Now we have more news on that. And the sad one is that TWKR still cannot be purchased in retail and most probably won’t be, at least not the ones from the sought-after 100 exemplars that exist today.
Password by Toolman
July 1st, 2009 by Olga Koksharova
Do you understand a word? Except for "password"? Translator needed! 🙂
Reasonable, appropriate, adequate…security (Part I)
June 30th, 2009 by Olga Koksharova
Most laws define security obligations as reasonable, appropriate, suitable, necessary, adequate etc. without giving more precise directives to follow. Is it good or bad? And what should be known about these standards?
Thunder Tables – now registered trademark
June 29th, 2009 by Olga Koksharova
Good news over here! We’ve got a nice and shiny registration certificate from the United States Patent and Trademark Office. Now our Thunder Tables have their (R) sign.
