Tools provided by Forensics Firm to Defeat iOS 4 Encryption

[Jaromierz]

Bright Side of News reports that the Russian law firm Elcomsoft has exposed a method of cracking encryption built into Apple hardware IOS 4, law enforcement and other parties with a way to access protected data if they have physical access to the device. Elcomsoft offers a phone based Password Breaker for Windows at a price of $ 79 for home use and is able to unlock encrupted backup BlackBerry devices and IOS. A much higher package for 4 devices IOS is available to government agencies, which provide access to data such as passwords, emails stored and deleted SMS messages and emails. What do you think?

[Cruzz]

The "other parties" who are talking not only of governments. I think it means anyone. But I wonder if Jon Zdziarski technique is still valid, where jailbreak, but only overwrite the ssh and then capture device to transfer a dd over netcat. I think this method would be faster, transfer of 16-32GB of data over Wi-Fi for me in the days 2.x/3.x was slow. So I hope that they use this method which is quite good and efficient.

[Odalis]

Most of the really valuable data, such as web logins and emails, is protected by key tied to the user's password. This software has yet to brute force the password that is trivial if the access code is simple 4 digits is used. Even the access code cannot be simple brute force easily if the user does not follow the basic practices of password. Passwords must contain at least one element of the alphabet in capital letters, lower case alphabet, numbers and symbols at a time that is at least 8 characters long.

[Abenaki]

Using the key escrow in place of brute force the password required to access both the IOS device and a computer operating iTunes with which it has been the specific IOS device sync. If you're actually paranoid, just be sure that the code is quite hard to brute force to remove iTunes, be sure you remove any of its associated files, then configure, upgrade, etc. IOS device. I hope you understand what I meant to say.

[Beothuk]

I tried a couple of things to see what would cause iTunes to request a password IOS device, in spite of having already synchronized with each other in the past. This information is most likely not important for most users, myself included, taking into account their needs for data security, but can be useful for someone. Change the access code after each synchronization does not cause iTunes to prompt password IOS device as the key function of custody is not connected to the access key. ITunes withdrawal of approval does not cause iTunes to prompt password IOS device to allow device synchronization for the Apple ID is not involved in the procedure.

[Algonkin]

Currently, FileVault does not seem to encrypt the folder. This will not be a problem with FileVault in Mac OS X León, as it supports full disk encryption. Interestingly, it was sometime last year that moved lock folder from Library. The old location is in an area of the FileVault encryption system. Was this an oversight by Apple? I suspect that access to iTunes is not necessary as a separate tool was developed to avoid encryption to any combination, including eliminating or restricting access to iTunes without having to also delete the contents of the folder blocking is effective. Removing iTunes also more likely not provide any benefit. Encrypt backup device IOS has no impact on the folder blocking, but increases the security of other ways unrelated to the issue of key escrow.

[Iroquois]

As suggested by black box, delete the folder blocking causes iTunes to prompt the user to enter the access code IOS device, after which the synchronization of the device causes the contents of the folder lock to be recreated. The content of the folder lock only appears to be related to timing of IOS devices. The contents can be safely removed and re-created each time you synchronize the device IOS. Therefore, a combination of the use of a secure access code and delete the contents of the folder after each sync block can ease access to user data by the method described in the original post. In addition, it would be trivial to produce an easy application using Automator to move the contents of the folder lock them away when they run after every IOS device sync.