Apple's Beats brand in April unveiled the Powerbeats Pro, a redesigned wire-free version of its popular fitness-oriented Powerbeats earbuds.
ElcomSoft's Phone Forensics Software Offers Near Real-Time Access to iCloud Backups
Russian forensics firm ElcomSoft earlier this week announced that it has discovered a way to easily access iCloud backups of iOS devices, incorporating the functionality into its Elcomsoft Phone Password Breaker software. While the Apple ID and password must be known in order to access the iCloud data, once that information has been obtained the software makes it easy for investigators to download full iCloud backups and then follow incremental backups in near real-time to track a device's use without the knowledge of the user.ElcomSoft researchers analyzed the communication protocol connecting iPhone users with Apple iCloud, and were able to emulate the correct commands in order to retrieve the content of iOS users’ iCloud storage. It’s important to note that, unlike offline backups that may come encrypted and must be broken into (a time-consuming operation), data retrieved from iCloud is received in plain, unencrypted form . The 5GB of storage space can be retrieved in reasonable time, while receiving incremental updates is even faster.Obtaining a user's Apple ID password may not always be trivial, but ElcomSoft tools can also be used to capture that information from offline backups stored in iTunes. And of course if the user disables iCloud syncing on its device or changes the Apple ID password, remote access is lost.
ElcomSoft has been at the forefront of development of password-cracking tools, last year incorporating a tool to bypass hardware encryption included in iOS 4. Such tools are increasingly being used by law enforcement to aid their investigations as smartphones become increasingly common and collect a growing amount of information about users and their activity.
ElcomSoft offers several levels of its software, with the most powerful versions restricted to certain governmental agencies, including law enforcement, intelligence services, and other qualified forensic organizations.
[ 169 comments ]
Top Rated Comments
(View all)
92 months ago
One more reason not to rely on iCloud backups.
One more reason to question internet laws.
92 months ago
One more reason not to rely on iCloud backups.
More precisely, this is a reason to be a bit suspicious of the cloud in general.
Another security fiasco from Apple putting their users data at risk. You simply can't trust this company anymore for providing secure robust solutions for their users. They just don't put due effort and involvement in software development.
This is not limited to Apple. While I'm sure that, as a consumer-oriented service, Apple's iCloud is likely less secure than other cloud solutions, don't think that other services are exactly risk-free, either. A lot of enterprises restrict or limit the use of iCloud or Google's cloud services on iOS and Android phones and tablets for this very reason. For instance, as a condition of allowing iPhones and iPads onto our Exchange server, my employer requires us to install a profile that turns off iCloud document sharing.
The cloud is a great convenience, but it brings with it a brand new set of security issues.
92 months ago
Why aren't you mad at Apple for having such security flaws. This is Apples MO after all. Ignore all security issues until the media blows it up, then point the finger for 2 months, then quietly release a security fix with no explanation.
What security flaws? If someone has my iCloud password they can simply restore an iPhone with my iCloud backup. And if they have physical access to my iTunes backup it means they have my computer which has all the data in iCloud anyway!
92 months ago
So someone has to have your password to get into your iCloud account, which is how iCloud works in the first place.
Someone can theoretically get your password out of an iTunes backup. If someone has access to your Mac's filesystem, you've got bigger problems, and they probably already have access to all the information you had in iCloud anyway.
Someone can theoretically get your password out of an iTunes backup. If someone has access to your Mac's filesystem, you've got bigger problems, and they probably already have access to all the information you had in iCloud anyway.
92 months ago
But, don't you need the username and password?
"While the Apple ID and password must be known in order to access the iCloud data"
If you got that, why does it matter? Or is that you just can't delete the backups completely? That part would stink regardless of this silly software. A subpoena would force Apple to hand this over anyway, right?
"While the Apple ID and password must be known in order to access the iCloud data"
If you got that, why does it matter? Or is that you just can't delete the backups completely? That part would stink regardless of this silly software. A subpoena would force Apple to hand this over anyway, right?
92 months ago
Assume that if you have data on a computer connected to the internet that the data are not secure.
92 months ago
Shame, Shame, Shame
For shame, MacRumors. This is scaremongering, caveat-in-the-nineteenth-paragraph of the highest order.
YOU NEED THE ICLOUD USERNAME AND PASSWORD.
This is not hacking! This is accessing your own data!
Obtaining someone's password: that's "hacking", if we can call it that. Apple makes the entirely reasonable assumption that someone with your iCloud username and password is YOU. If they didn't do that, the entire concept of username/password identification is pointless.
If you couldn't access your iCloud backups with your iCloud username and password, then when you're restoring to a new device, how on earth are you supposed to identify yourself?
For shame, MacRumors. This is scaremongering, caveat-in-the-nineteenth-paragraph of the highest order.
YOU NEED THE ICLOUD USERNAME AND PASSWORD.
This is not hacking! This is accessing your own data!
Obtaining someone's password: that's "hacking", if we can call it that. Apple makes the entirely reasonable assumption that someone with your iCloud username and password is YOU. If they didn't do that, the entire concept of username/password identification is pointless.
If you couldn't access your iCloud backups with your iCloud username and password, then when you're restoring to a new device, how on earth are you supposed to identify yourself?
92 months ago
And in other news if someone has your:
ATM card and PIN they can steal money from your account!
Gmail email address and password they can read your mail!
Wak by your mailbox and open the lid they can steal your snail mail!
Wifi access point password they can steal your Internet services or worse!
:eek: :eek: :eek:
ATM card and PIN they can steal money from your account!
Gmail email address and password they can read your mail!
Wak by your mailbox and open the lid they can steal your snail mail!
Wifi access point password they can steal your Internet services or worse!
:eek: :eek: :eek:
[ Read All Comments ]
In iOS 13, Apple has extended the system's built-in screenshot feature to include the ability to save a full web page as a multi-page PDF.
Don't expect this option to appear when...
For this week's giveaway, we've teamed up with Twelve South to offer MacRumors readers a chance to win a prize pack that includes a BookBook vol. 2 for iPad Pro, an AirFly, and a set of...
O2 has became the latest network carrier in the United Kingdom to offer the cellular version of the Apple Watch Series 4. iPhone users can now order the LTE-enabled smartwatch through the O2 website,...
Unsolicited phone calls can become a regular annoyance and even a cause of stress for many smartphone users these days. Thankfully, Apple provides a feature in iOS 13 that can automatically silence...
The Iconfactory today announced it has released a significant update to its popular third-party Twitter client Twitterrific for iPhone and iPad. The latest version of the app contains over 50 new...
Apple yesterday released a new update for Safari Technology Preview, the experimental browser Apple first introduced three years ago in March 2016. Apple designed the Safari Technology Preview to...
Amazon and B&H Photo are discounting the latest versions of Apple's iPad Air this week, with each configuration of the tablet receiving a new all-time-low price tag. Amazon offers the largest...
Spotify today announced a new version of the "Your Library" tab in its mobile apps for iOS and Android, which is "designed to get you to the content you want faster." This update is...
