ElcomSoft's Phone Forensics Software Offers Near Real-Time Access to iCloud Backups
Russian forensics firm ElcomSoft earlier this week announced that it has discovered a way to easily access iCloud backups of iOS devices, incorporating the functionality into its Elcomsoft Phone Password Breaker software. While the Apple ID and password must be known in order to access the iCloud data, once that information has been obtained the software makes it easy for investigators to download full iCloud backups and then follow incremental backups in near real-time to track a device's use without the knowledge of the user.
ElcomSoft researchers analyzed the communication protocol connecting iPhone users with Apple iCloud, and were able to emulate the correct commands in order to retrieve the content of iOS users’ iCloud storage. It’s important to note that, unlike offline backups that may come encrypted and must be broken into (a time-consuming operation), data retrieved from iCloud is received in plain, unencrypted form . The 5GB of storage space can be retrieved in reasonable time, while receiving incremental updates is even faster.
Obtaining a user's Apple ID password may not always be trivial, but ElcomSoft tools can also be used to capture that information from offline backups stored in iTunes. And of course if the user disables iCloud syncing on its device or changes the Apple ID password, remote access is lost.
ElcomSoft has been at the forefront of development of password-cracking tools, last year incorporating a tool to bypass hardware encryption included in iOS 4. Such tools are increasingly being used by law enforcement to aid their investigations as smartphones become increasingly common and collect a growing amount of information about users and their activity.
ElcomSoft offers several levels of its software, with the most powerful versions restricted to certain governmental agencies, including law enforcement, intelligence services, and other qualified forensic organizations.
Popular Stories
While past rumors have indicated the upcoming second-generation AirPods Pro will feature a built-in heart rate and body temperature sensor, Bloomberg's Mark Gurman has cast doubt on those rumors turning out to be true, saying instead such a feature is unlikely to come anytime soon.
"Over the past few months, there have been rumors about this year's model gaining the ability to determine a...
Apple is working on an Apple Watch Series 8 model with a larger display, according to DSCC's Ross Young and Haitong International Securities's Jeff Pu.
In October last year, Young suggested that the Apple Watch Series 8 could come in three display sizes. Now, responding to a query about the rumor on Twitter, Young claims that the additional display size joining the Apple Watch lineup will be ...
The upcoming launch of Apple's redesigned MacBook Air with the M2 chip has some Windows laptop manufacturers "worried" that sales of Intel-based laptops will be negatively affected, according to industry sources cited by DigiTimes.
"A Wintel brand vendor pointed out that at a price point of US$1,000-$1,500, the MacBook Air will crowd out other high-end notebooks," the report claims, with...
European Union lawmakers have approved landmark legislation to heavily regulate Apple, Google, Meta, and other big tech firms.
The Digital Markets Act (DMA) and Digital Services Act (DSA) were proposed by the European Commission in December 2020. Now, collected in a "Digital Services Package," the legislation has been formally adopted by the European Parliament and seeks to address...
Apple today announced that the new MacBook Air equipped with the M2 chip will be available to order starting Friday, July 8 at 5 a.m. Pacific Time. Apple said deliveries to customers and in-store availability will begin Friday, July 15.
MacRumors exclusively reported that Apple planned to launch the new MacBook Air on July 15, and the date has now been confirmed by Apple. Customers will be...
The M2 MacBook Pro has started making its way into customers' hands and we're learning more about how it performs in a variety of situations, but all eyes are really on the upcoming M2 MacBook Air which has seen a complete redesign and should be arriving in a couple of weeks.
Other top stories this week included a host of product rumors including additional M2 and even M3 Macs, an updated...
Apple today announced a new Lockdown Mode coming to the iPhone, iPad, and Mac with iOS 16, iPadOS 16, and macOS Ventura. Apple says the optional security feature is designed to protect the "very small number" of users who may be at risk of "highly targeted cyberattacks" from private companies developing state-sponsored spyware, such as journalists, activists, and government employees.
Apple...
Apple today released new firmware for the Siri Remote designed for the Apple TV, updating the software from version 9M6772 to 10M1103. The software is for the redesigned Siri Remote that was released in May 2021, aka the gray remote with the updated interface. In the Apple TV settings, the new firmware will display as 0x0070, up from 0x0061. There is no word on what's new with the Apple TV...
Top Rated Comments
One more reason to question internet laws.
More precisely, this is a reason to be a bit suspicious of the cloud in general.
This is not limited to Apple. While I'm sure that, as a consumer-oriented service, Apple's iCloud is likely less secure than other cloud solutions, don't think that other services are exactly risk-free, either. A lot of enterprises restrict or limit the use of iCloud or Google's cloud services on iOS and Android phones and tablets for this very reason. For instance, as a condition of allowing iPhones and iPads onto our Exchange server, my employer requires us to install a profile that turns off iCloud document sharing.
The cloud is a great convenience, but it brings with it a brand new set of security issues.
What security flaws? If someone has my iCloud password they can simply restore an iPhone with my iCloud backup. And if they have physical access to my iTunes backup it means they have my computer which has all the data in iCloud anyway!
Someone can theoretically get your password out of an iTunes backup. If someone has access to your Mac's filesystem, you've got bigger problems, and they probably already have access to all the information you had in iCloud anyway.