Athough Apple successfully launched it newest version of iOS , the iOS 10, no software comes without flaws at first and the iOS 10 follows that very principle. A security company after researching, stated that iOS 10 had a major security flaw which means that Hackers can now more easily get access to passwords and sensitive information on a device running iOS 10.
The software includes a new way to encrypt iPhone backups that are created through iTunes that give Hackers a far greater chance of obtaining passwords than the previous version of iOS. Hackers could use the brute force method which is essentially a technique that involves automatically trying many different passwords at the same time to crack passwords that users use in their iTunes backups. This would then enable them to steal passwords, credit card data, and other sensitive information stored on your device.
According to the security company , the cracking software, Phone Breaker , can send 6 million passwords each second to try to unlock the data. This however was not the case with iOS 9 last year as the encryption caused the number of passwords to go out at only 150,000. The difference makes it 2500 times easier for hackers to infiltrate iOs 10.
The flaw relates only to manual iPhone and iPad backups and not Apple's cloud based repository system. Hacking iOS used to be impossible or at least very difficult if you didn't actually know the password itself. This we know by the fact that even the FBI had difficulty of cracking the iPhone after Apple refused to give them the password of Syed Farook's iPhone. However this has changed in this years iteration of iOS as now Hackers can more easily, 2500 times to be exact, access your private and sensitive information.
In a statement about the security flaw, the security company said that it is more easier for hackers to get into iOS 10 if they first get access to the computer where the backups are stored. After they have access to the computer, they can then apply the brute force method mentioned earlier to gain access to the actual iPhone or iPad.
"If you're able to break the password, you'll be able to decrypt the entire content of the backup including the keychain" said Elcomsoft, the security company."
Perhaps at the root of the problem lies Apple. Apple with its iOS decided to change how it encrypts backups made using iTunes. According to some reports the decryption method that Apple deployed with iOS 10 is in fact , older than the method used in iOS 9, which automatically makes it more unsafe than the previous version of iOS.
Security experts are actually figuring out why Apple this year made this change . Many have also come to the conclusion that this was intentional and that this massive wake of your security and privacy is deliberate. Many others just thought of it as another glitch or a mistake made by Apple's part.
However Apple is aware of the issue and has stated that it will work to solve this issue as quickly as they can.
"We’re aware of an issue that affects the encryption strength for backups of devices on iOS 10 when backing up to iTunes on the Mac or PC,” the spokesman said. “We are addressing this issue in an upcoming security update. This does not affect iCloud backups. We recommend users ensure their Mac or PC are protected with strong passwords and can only be accessed by authorized users. Additional security is also available with FileVault whole disk encryption."
Always use a security software that prevents viruses and hackers to gain access to your precious information and always protect your devices from these malicious attackers. Be safe iOS 10 users!
0 comments:
Post a Comment