Планета гаджетов / технологий
[ad_1]
Elcomsoft’s PhoneBreaker can attempt 6 million passwords per second on iOS 10 (CPU-only) compared to the 2,400 passwords per second that the encryption and security measures limited PhoneBreaker users to on iOS 9. Keep in mind that none of this affects backups created on iCloud.
The PBKDF2 password protection algorithm on iOS 10 is older, as we pointed out in the beginning of this article. The algorithm employed in iOS 9 is called SHA256. According to Elcomsoft, the same 10,000 passwords are used for 30% of accounts. That allows its PhoneBreaker to successfully use a brute force attack to crack a user’s backup password and obtain data in 80% to 90% of attempts. That high percentage is based on the software running for two days against the weaker PBKDF2 algorithm.
Apple suggests that those who have iOS backup data stored on their Mac, use Apple’s FileVault disk-encryption software to add another layer of protection.
«We’re aware of an issue that affects the encryption strength for backups of devices on iOS 10 when backing up to iTunes on the Mac or PC. We are addressing this issue in an upcoming security update. This does not affect iCloud backups. We recommend users ensure their Mac or PC are protected with strong passwords and can only be accessed by authorized users. Additional security is also available with FileVault whole disk encryption.»-Apple spokesman
source: Elcomsoft via Fortune
[ad_2]
Source link