Elcomsoft releases iPhone 4 password cracker

Apple changed the iPhone 4 software in a way that makes it easier to recover the plain-text password used to encrypt data

Russian password-cracking company Elcomsoft has released new software that can in some instances figure out the password used to encrypt backed-up iPhone data.

Elcomsoft said Apple somewhat changed the way their encryption system works for its latest iPhone 4 software. When an iPhone is plugged into its home computer, its data -- such as e-mail passwords, calendar events, text messages -- are automatically backed up in a so-called "keychain."

That information was previously encrypted using a device-specific encryption key, but with "iOS 4 this is not necessarily the case" if someone choose a master password to access the data, according to Elcomsoft.

If a person chooses to encrypt the data, the backup is encrypted with a master password selected by a user. But if the person can't remember their password, the data can't be restored to an iPhone. A user would have to do a full software restore and set up a new backup, with all of the other data lost.

But Elcomsoft says it can figure a password out with its latest iPhone Password Breaker application. The company says that Apple's encryption of the backup is excellent, as the passwords can only be figured out using brute-force attacks, where a computer tries millions upon millions of possible combinations, or dictionary attacks, which use lists of commonly used words.

Elcomsoft said its software doesn't have a 100 percent success rate, but if a person selects a short and simple password, it could be recovered in seconds. Other factors in how long its software takes to recover a password depends on a person's computer and the power of its CPU and graphics card.

Once the password is recovered, Elcomsoft said its software allows a person to examine their keychain and export that data into XML (Extensible Markup Language) or plain text document.

The iPhone Password Breaker is legal for people to use on their own backups or if they have the permission from someone to examine their iPhone. The software costs £79 (US$126) for the home edition and £199 for the professional edition.

Send news tips and comments to jeremy_kirk@idg.com

Tags telecommunicationiOS 4passwordssecurityElcomsoftAccess control and authenticationencryptionMobile operating systemssoftwaremobileApple

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jeremy Kirk

IDG News Service

Comments

Comments are now closed.

Most Popular Reviews

Follow Us

Best Deals on GoodGearGuide

Shopping.com

Latest News Articles

Resources

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Latest Jobs

Shopping.com

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?