Posts Tagged ‘iOS security’

Just days ago, we have reviewed the data stored in iCloud, and studied its encryption mechanisms. We also discussed the discrepancies between the data that is stored in the cloud and the data that’s provided to the law enforcement. In case you missed it, make sure to check out Apple vs. Law Enforcement: Cloud Forensics. Today, the differences are great; Apple is using point-to-point encryption to protect certain types of data. However, it has not always been that way. Apple security model changed year after year. This article reviews the timeline of Apple security changes over time.

We’ll list the security measures and discuss whether the real purpose of these changes were the customers’ security and privacy, or throwing a monkey wrench into the work of the law enforcement. We will also try to understand where iCloud security stands today, and how safe your data is against hackers and the law enforcement. Are you a forensic professional? I think you’ll find this article handy.

Apple iCloud: the beginning

Apple has introduced iCloud in October 2011, replacing the aging MobileMe service. At that time, Apple iCloud services were based solely on Amazon and Microsoft Azure servers (new platforms have been added a few years later). Using iCloud on the iPhone required installing iOS 5.

Apple iCloud today provides a range of services including synchronization of data across devices connected to the account, iCloud backups for iOS and iPadOS devices, iCloud Drive (just the storage), as well as the Find My service.

iCloud security

While you can always refer to the source in iCloud security overview, I can give you a shorter and simpler description.

First, all iCloud data (including backups) is stored on third-party servers. These servers are owned by Amazon, Google, Microsoft, or the Chinese government in the case of Chinese users. We also witnessed some mysterious AT&T data centers in the past.

Second, all that data is always encrypted.

Third, the encryption keys for most of that data are also retained by Apple. However, the keys are not stored on the same physical servers; instead, Apple keeps them in Apple-owned data centers under the company’s full control. Interestingly, this seems to be the case even for data stored in China (where iCloud data itself is located on Chinese servers only).

Careful readers noticed the “most” part. The “most” part does not mean that the data is not encrypted; it’s rather the opposite. More on that in “end to end encryption” below.

Do the same rules apply to iCloud backups? Yes, they do. A couple years ago, Apple war rumored to have plans to encrypt iCloud backups in a more secure way (potentially with end-to-end encryption). Those plans have been but finally rejected it, probably under FBI pressure, but only Apple knows the actual reasons.

Two-factor authentication: 2SV, 2FA and iCloud backups

Today, it is hard to believe that an online account that holds your personal data may not support two-factor authentication. Online threats and phishing are the main risks, and if you re-use your passwords, the situation is even worse.

In the first two years, iCloud did not have any kind of two-factor authentication. One was only added in 2013, but the half-baked solution only protected access to the account itself, and not to iCloud backups. We wrote about that in Apple Two-Factor Authentication and iCloud.

You probably remember what happened next. Celebgate. Only after that, Apple applied second-factor protection to backups.

It is important to note that Apple’s initial implementation (called Two-Step Verification, 2SV) was not perfect. It was a rushed afterthought. The current implementation of two-factor authentication (2FA) was introduced with iOS 9 in 2015, and it offers good protection.

We covered this subject many times:

It’s all about the tokens

In 2014 (the year when Apple added 2SV to iCloud backups), we got a bright idea. If you set up your computer to access iCloud account*, you won’t be prompted for your password or prompted for a one-time code every time you access the cloud. This means that the authentication token could be saved somewhere. Could we use that token to bypass password-based authentication?

* iCloud access is a built-in feature on a Mac, while “iCloud Control Panel” is required on Windows; its current name is iCloud for WIndows.

It worked; see Breaking Into iCloud: No Password Required. Having the token obtained, we were able to download iCloud backups (and later implemented the same technique to download other/synced data from iCloud).

Did our work introduce a new security risk for iCloud account owners? Probably not (or just a little), as extraction and decryption of the tokens requires physical access to the computer, as well as administrative privileges (and if you have both, there are much more serious risks involved).

However, Apple took it seriously, and since then, implemented additional security measures related to tokens, in particular:

  • Limited lifetime. The token worked perfectly for synced data. When accessing iCloud backups, its lifetime was limited first to 24 hours, and then to just one hour.
  • Limited use. Currently, the token stored on the device is only good for a limited number of categories including iCloud Photo Library and most synced data and excluding end-to-end encrypted data. Tokens cannot be used for accessing iCloud backups.
  • Pin to device. That was the biggest surprise. After some changes Apple did last year, the token could be used (even for accessing a limited set of data) on the same computer only. On macOS, we have recently found a way to obtain an “unpinned” token that can be used on other computers, but there is no way to do that for Windows.

Still, it is theoretically possible to obtain full-featured “unpinned” tokens that allow obtaining almost everything from iCloud from a trusted macOS computer. We are working hard in this direction; watch our blog for updates. Still no access to backups though. Apple did everything to get iCloud backups extremely hard, even if you know the password and have the second authentication factor.

End-to-end encryption (they call it so)

C’mon, Apple, please do not call it “end-to-end”, that term is reserved for the case when some data can be only decrypted at the end point, because it is the only place that holds the decryption key. Yes, trusted iPhones do have the key, but we can get one even from the outside and without access to the device. This isn’t exactly end-to-end, is it?

What does Apple protect with this “end-to-end” encryption? This encryption covers data that belongs to the following categories: iCloud keychain, Health data, messages in iCloud, Home data, and (surprisingly!) some Apple Maps data, even though Apple does not mention that.

All that data is stored in iCloud and synchronized across “trusted devices”. In case if you did not know, the key to decrypt that data is also stored in iCloud (even if Apple wants you – and the law enforcement – to believe otherwise). That key, however, has stronger protection than the general iCloud encryption keys (that could be probably called “snake oil”) and can only be accessed by devices that are part of the “trusted circle”.

Can someone enter into the trusted circle? Of course, but not easily so.

Notifications, account locks, GSA and other changes

There are a couple extra security measures related to iCloud backups we have not mentioned.

First, you probably noticed that once the backup restoration process is completed, the notification is being sent to the account owner (by email).

Second, Apple does its best to detect whether download process is initiated by the actual device or by third-part software like ours.

We did our best to ‘mimic’ the device, but suppress the ‘restore’ notification. Currently, it works, but it looks like Apple has a dedicated team of security specialists working against our software.

On a regular basis, Apple changes everything they can: protocols, encryption, and data storage formats. Some of these changes are reasonable, while the other (solid!) part of these changes is intended only as a countermeasure against forensic tools, while adding little to no extra security to iCloud.

Have I mentioned GSA (Grand Slam Authentication) and “anisette data”? I was not going to dive deep into technical details, but you can search for my presentations on this subject; they are publically available.

The dark side of the cloud

Are you sure that you know all of the following?

  • What information is synced between your device and iCloud (or just uploaded to iCloud)
  • If Apple really deletes your data from iCloud when you delete it from the device
  • What information Apple provides to the law enforcement once they are served with a legal request

Nobody knows, and I have some surprises for you.

First, Apple syncs more data with iCloud than it publically admits. A good example is the call log (the list of incoming and outgoing calls); there is no option on the iPhone that disables syncing.

Second, there is some extra data in iCloud such as iCloud access logs, stored for 28 days. It includes your IP address (it can be used to get physical location) and the time stamp.

Next, it is not clear what really happens when you delete the data. In the past, we found some of the data to remain on Apple’s server past the advertised retention time, including media files (photos and videos), Web history and notes. Moreover, we have found a way to extract it. At this time, our method does not work anymore, but we never know whether it is still saved somewhere, and if it is, whether it is provided to law enforcement agencies (maybe just the select few).

Bonus track: Google and Microsoft

This is definitely outside the scope of this article, but you might be curious how Apple iCloud security compares to Google and Microsoft, the other two major cloud vendors.

Neither of these companies offer detailed descriptions on how they store and encrypt the user’s data. Still, it is not too hard to guess, based on what we know.

Google saves enormous amounts of data. It sources the data from all the devices running their software or using their services, and not just from Android. As opposed to Apple, even though Google provides granular control to what data is stored or synced, it is not easy to disable or enable data syncing from the device(s). The data stored by Google usually includes detailed location history, a comprehensive history of the user’s search queries, all of the user’s purchases (not just with Google), and a lot more.

Microsoft syncs or may sync less data than Apple and Google, but the company still has some. This includes Web history and Bing searches, contacts, Cortana commands, Skype conversations and more, including BitLocker recovery keys. Microsoft does not make it very clear what data is saved in the account.

Cloud acquisition

If you want to get the maximum amount of data from Apple iCloud, you have no choice but use Elcomsoft Phone Breaker. iCloud backups, files from iCloud Drive, iCloud Photos, FileVailt2 recovery token, iCloud keychain and all end-to-end encrypted data such as messages, Health, Screen Time and more, you can obtain all of that. This product can also extract the data from Microsoft accounts, from contacts to Skype conversations.

For Google accounts, use Elcomsoft Cloud eXplorer. The only thing we cannot get is Android device backups as they are securely encrypted (we continue our research).

When it comes to other cloud data, Oxygen Forensic Suite leaves no place for competitors. The number of cloud sources it supports is impressive (close to one hundred), including Telegram, Samsung cloud, Xiaomi Mi Cloud, Huawei Cloud and dozens others, including third-party apps that sync enormous amount of data (and so the evidence). All that stuff is continuously improved and perfectly supported according to the vendors’ changes, contrary to similar products from other vendors, even those that are more expensive and pretend to be “number one”. Seriously, do not waste your time trying the others: you will get a result that is not even close. Do not trust vendors’ claims, but verify yourself.

Protecting your data

Do you want to make your iCloud account secure? Don’t use it this way! Just kidding; the iPhone without iCloud is quite a Samsung.

The very first thing I would recommend is requesting a copy of your data from Apple’s Data & Pricacy Portal and analyzing it carefully. About the same amount of data (plus backups) will be provided to the law enforcement if requested.

A more effective way is using Elcomsoft Phone Breaker to get everything including “end-to-end encrypted data”.

If you decide to keep using iCloud, here is what we can recommend (simple and probably well-known, but still often overlooked):

  • Use a secure iCloud password, long and complex enough.
  • Make sure that password does not look similar to any other passwords you use. Of course, it must not be identical to any other password you have.
  • Don’t cache that password in your Web browser, ever.
  • Don’t ever store that password in your Google Account.
  • Don’t store that password in the keychain (iOS, iPadOS or macOS).
  • Use two-factor authentication (I know some people who don’t).
  • Use strong passcode/password on your iOS device(s) and desktop(s).
  • Physically secure all your devices and never leave them unattended (even locked).
  • Did I mention you should never re-use your passwords and passcodes?
  • Keep all your devices updated to the latest system (iOS/iPadOS/Windows/macOS), and do not forget about your Apple TV and Apple Watch.
  • If you are using an old Android (more than one year old), don’t count on updates to arrive. Just buy the current flagship.
  • For Windows, follow our recommendations listed here; the macOS guide will follow.
  • Be aware of checkm8 exploit if you are using an old device. Make sure you know that some data can be extracted even from locked and disabled devices.
  • Remember how to enable the SOS mode.
  • Know how to use Find My

If you work for law enforcement

Speaking of iCloud, you have several options. First, read our recent Apple vs. Law Enforcement: Cloud Forensics for better understanding what is stored in iCloud, how it is encrypted and protected, and what your options are. In general, you need to analyze all devices the suspect regularly used, and probably even those that’ve been used at least once. You might be able to get lockdown records, leading you to locked device access; or extract passwords saved in the browser. Better yet, attend one of the ElcomSoft trainings to understand how to obtain as much data as possible from every available source. We don’t just tell you how to use our software. Instead, we’re offering the complete workflow, talk about the typical mistakes and share our knowledge and expertise.

Conclusion

So what about iCloud security today? I would say, it is generally OK. More information here:

Still, we have two conflicting thoughts. First, Apple saves a lot of data in iCloud, and we don’t know all the details. The fact that others are (much) worse in this respect doesn’t change much. Second, Apple makes the work of forensic experts unnecessarily more complicated without making any real security improvements, all the time. Apple, it’s hard to wear two hats.

This publication is somewhat unusual. ElcomSoft does not need an introduction as a forensic vendor. We routinely publish information on how to break into the phone, gain access to information and extract as much evidence as theoretically possible using hacks (jailbreaks) or little known but legitimate workarounds. We teach and train forensic experts on how to extract and decrypt information, how to download information from iCloud with or without the password, how to bypass two-factor authentication and how their iPhone falls your complete victim if you know its passcode.

This time around we’ll be playing devil’s advocate. We’ll tell you how to defend your data and your Apple account if they have your iPhone and know your passcode.

iOS Devices Are Secure

We praised the iOS security model on multiple occasions. Speaking of the current pack of iOS versions (including iOS 11.4 release, 11.4.1 public beta and 12.0 first developer beta), we have full-disk encryption with decryption keys derived from the user’s passcode and protected by Secure Enclave. Thanks to the iOS keychain, we enjoy the additional layer of protection for our passwords and other sensitive information. If you protected your iPhone with a 6-digit passcode (which you really should, and which is the default since at least iOS 10), most of your information is securely encrypted until you first unlock your iPhone after it completes the boot sequence. Even if they take the memory chip off, they won’t get anything meaningful due to the encryption. (more…)