Flaws in IOS 10 Backup Security: Where my data will lost before it will get fixed? 0 754

Flaws in IOS 10 Backup Security: Where my data will lost before it will get fixed? 0 755

Apple Admits there is the security issue in IOS10

Apple agreed that there is the flaw in their IOS 10 backup security.

  • Researcher claims security check in iOS 10 is 2,500 times weak than iOS 9
  • Elcomsoft says brute force attack can be carried on iOS 10 backups
  • New attack specific to password-protected local backups in iOS 10 devices
  • Apple confirms it is working on a fix
  • It recommends using strong passwords for Mac/ PC
  • New attack specific to password-protected local backups in iOS 10 devices

A security research company based in Moscow claims to have discovered a flaw in Apple’s local password protected iTunes backups in iOS 10, a flaw that is said to weaken password security. According to ElcomSoft’s Oleg Afonin, the security flaw lets attackers develop a new attack that can bypass certain security checks when tallying passwords protecting local backups in iOS 10 devices.

“The impact of this security weakness is severe. An early CPU-only implementation of this attack (available in Elcomsoft Phone Breaker 6.10) gives a 40-times performance boost compared to a fully optimised GPU-assisted attack on iOS 9 backups,” writes Afonin.

An Apple spokesperson in a statement to Forbes said, “We’re aware of an issue that affects the encryption strength for backups of devices on iOS 10 when backing up to iTunes on the Mac or PC. We are addressing this issue in an upcoming security update.” The Cupertino-based giant again stressed that the flaw “does not affect iCloud backups.” In the meanwhile, Apple has recommended users to “ensure strong passwords on their Mac or PC.”

“We recommend users ensure their Mac or PC are protected with strong passwords and can only be accessed by authorized users. Additional security is also available with FileVault whole disk encryption,” added the spokesperson. Unfortunately, the company has not revealed an exact timeline for the update.

The security research firm ElcomSoft claimed that the security flaw can let attackers develop a new attack that can bypass certain security checks when tallying passwords protecting local backups in iOS 10 devices. “The impact of this security weakness is severe,” claimed the firm. It also said that the new security check in iOS 10 was roughly “2,500 times weaker” compared to the one used in iOS 9 backups.

It’s worth mentioning that the flaw discovered cannot be exploited remotely and needed the attacker to have access of the local backups in iOS 10.

Iphone is really awesome mobile phone and we all have lust for it.  But we can assume now to buy some of the Iphone now.
Apple iPhone 5s (Space Grey, 16GB)

Apple iPhone 6s (Rose Gold, 16GB)

Apple iPhone 6 (Space Grey, 64GB)

Previous ArticleNext Article

Send this to a friend