Apple was pretty confident that it has well handled security issues when it released iOS 4 with hardware encryption. But the Russian security company Elcomsoft, through its recent exercise, has proved Apple wrong. It demonstrated that how it could decrypt the information stored on iOS devices, including devices using the 256-bit hardware encryption used in iOS 4’s data protection feature which covers iPhone 4, iPhone 3GS, iPod touch (3rd generation +) and all iPad models. Decryption becomes possible by gaining access to various keys on the device. The Russian company here did so by extracting these keys and guessing the passcode by using a brute-force method. This wasn’t exactly a herculean task for the passcodes were only 4 digits long and breaking them was just a 20-40 minute affair on iPhone 4.Elcomsoft will be delivering this toolkit for use to law enforcement, forensic and intelligence agencies and government organizations. So if you happen to involve in questionable extra currics, your iOS device is the last place where you would want to save any kind of such data.
[Neowin]
0 comments:
Post a Comment