Security Market Segment LS
Saturday, 28 May 2011 23:46

All of your iPhones are belong to us


Despite having a dedicated hardware data encryption chip, Russian security company Elcomsoft has devised a method to bypass nearly all security and access the stored data on any iOS 4 device.

An iOS 4 device secures pretty-much all of its content using AES-256 encryption; almost certainly unbreakable.  Unfortunately, the way in which it releases the encryption key is laughably simplistic.

We all have our simple 4-digit unlock code which (Apple tells us) will cause a lock-out if entered incorrectly 10 times.  Enter it correctly and direct access to release the key is granted.  In other words, despite what the very complex AES key looks like, it is released by a 4-digit PIN.

Next Elcomsoft tells us, they found a way to bypass the 10 attempts lockout by running their brute force attack directly on the security chip, bypassing the API that counts the attempts.

So, how does the average iOS user defeat the attack?  Actually it's quite easy - don't rely on a 4-digit access code.  Using the 'complex' passcode option to create a (minimum) 8-digit code would essentially defeat the attack.  The brute-force must be performed upon the device and unlike a PC where it would happen in a few moments, an exhaustive scan of all 10,000 possible values takes around 40 minutes.  Doubling the length would take 400,000 minutes (just under 280 days).

BTW, owners of the iPhone 3GS running iOS 3 should be even more scared, all an attacked has to do is delete the 4-digit code to gain full access to the device (there is no encryption chip).

This is only a quick report of the work Elcomsoft has done; interested readers should follow the link above to learn more about the attack.

In writing about their work, Elcomsoft's Vladimir Katalov gives some context: "Let's make it very clear: no privacy purist should ever use an iPhone (or any other smartphone, probably). iPhone devices store or cache humungous amounts of information about how, when, and where the device has been used. The amount of sensitive information collected and stored in Apple smartphones is beyond what had previously been imaginable. Pictures, emails and text messages included deleted ones, calls placed and received are just a few things to mention. A comprehensive history of user's locations complete with geographic coordinates and timestamps. Google maps and routes ever accessed. Web browsing history and browser cache, screen shots of applications being used, usernames, Web site passwords and the password to iPhone backups made with iTunes software, and just about everything typed on the iPhone is being cached by the device."

Elcomsoft has packaged all this into a simple toolkit which (fortunately?) is currently available only to "select government entries such as law enforcement and forensic organizations and intelligence agencies."  One can only wonder how long until it gets into the hands of the bad guys.


You cannot afford to miss this Dell Webinar.

With Windows 7 support ending 14th January 2020, its time to start looking at your options.

This can have significant impacts on your organisation but also presents organisations with an opportunity to fundamentally rethink the way users work.

The Details

When: Thursday, September 26, 2019
Presenter: Dell Technologies
Location: Your Computer


QLD, VIC, NSW, ACT & TAS: 11:00 am
SA, NT: 10:30 am
WA: 9:00 am NZ: 1:00 pm

Register and find out all the details you need to know below.



iTWire can help you promote your company, services, and products.


Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]


David Heath

David Heath has had a long and varied career in the IT industry having worked as a Pre-sales Network Engineer (remember Novell NetWare?), General Manager of IT&T for the TV Shopping Network, as a Technical manager in the Biometrics industry, and as a Technical Trainer and Instructional Designer in the industrial control sector. In all aspects, security has been a driving focus. Throughout his career, David has sought to inform and educate people and has done that through his writings and in more formal educational environments.



Recent Comments