Security researchers at Elcomsoft have discovered that iOS 10 much easier to crack

Security researchers at Elcomsoft have discovered that iOS 10's local encrypted backups (that is, the ones you create in iTunes) use an older password protection algorithm that's much easier to crack than the one used in iOS 9 -- about 2,500 times easier, according to the team. If intruders can get to your iTunes backups and use a brute force cracking tool, they could have a much simpler time breaking the security and getting access to sensitive info like account passwords or your Health app data.

The new security check is approximately 2,500 times weaker compared to the old one that was used in iOS 9 backups. At this time, we are getting these speeds:
  • iOS 9 (CPU): 2,400 passwords per second (Intel i5)
  • iOS 9 (GPU): 150,000 passwords per second (NVIDIA GTX 1080)
  • iOS 10 (CPU): 6,000,000 passwords per second (Intel i5)



Apple tells Fortune that it's planning to toughen up security in an "upcoming security update." It also stresses that this won't affect your iCloud backups, and that using full disk encryption on your computer (such as macOS' FileVault) can add some extra security in the meantime. You can read the full statement below.

The likelihood of someone both hijacking your computer and knowing that there's iOS data to swipe is rather slim, so you might not want to chuck out your local backups just yet. However, you'll definitely want to be careful about doing things that could compromise your computer, such as leaving it in a public space or running it without a tough-to-guess password.

"We're aware of an issue that affects the encryption strength for backups of devices on iOS 10 when backing up to iTunes on the Mac or PC. We are addressing this issue in an upcoming security update. This does not affect iCloud backups. We recommend users ensure their Mac or PC are protected with strong passwords and can only be accessed by authorized users. Additional security is also available with FileVault whole disk encryption."

source: Fortune, Elcomsoft








The owner of blogmytut.blogspot.com will not be liable for any errors or omissions in this information nor for the availability of this information. The owner will not be liable for any losses, injuries, or damages from the display or use of this information.Report any Broken Download link on Blogmytuts Facebook Page
Share on Google Plus

About Chucks

A Freelance Computer Tech with knowledge about computer, router and mobile phones, especially in Upgrade and Downgrade OS, Software and Hardware troubleshooting. fallow me at Google+
    Blogger Comment
    Facebook Comment

0 comments:

Post a Comment