IOS discovered 10 new vulnerabilities are hacking easy backup files

IOS discovered 10 new vulnerabilities to backup file hacking [Abstract] Apple seems to accidentally lowered the iOS 10 system backup file difficult to crack, brute force speed is shortened 2500 times than before. The Verge Chinese station reported in September 26th according to the latest report "Forbes" shows that Apple’s iOS 10 system seems to be on the security problems, local backup file to the user in the case of unauthorized access by malicious people. A company called Elcomsoft Russian security company said in his blog, iOS 10 backup files to the emergence of a new password authentication mechanism, some security checks before but this mechanism is omitted, so that hackers can more quickly and more easily obtain key information in the backup. Elcomsoft team will be back to the iOS 10 as a target to crack, if the attacker is not set up the associated password backup, then iOS 10 backup file to crack faster than the previous iOS 9 backup crack faster. Prior to the team’s tools in the crack iOS 9 backup, the brute force can be cracked every minute of the 2400 passwords, and this time in the iOS 10 backup, the number of passwords per minute to break up to reach the number of 6 million. Therefore, the backup file in iOS 10 iTunes has become a very weak link. Elcomsoft team pointed out that if you want to enter the hardware or iCloud account has become very difficult, but access to iTunes backup has become very easy. In the iTunes backup file contains the mail list, SMS, call a variety of file records, photos and video, as well as a variety of website passwords, so once the iOS 10 environment iTunes backup file is deciphered, data security will be threatened by the user. However, according to Forbes, the latest news that Apple Corp has recognized the problem, and said it had begun to repair. We have been informed about the iOS 10 devices through Mac or PC iTunes backup, the vulnerability caused by the vulnerability of the encryption intensity. We will fix this vulnerability in the next security update. This does not affect the iCloud backup." Apple spokesman said, we recommend users to ensure that their own Mac or PC has a strong password protection, and can only be authorized users to visit. FileVault full disk encryption can provide additional security." Therefore, whether it has been upgraded iOS 10 or has not yet upgraded the user, the current can do is to wait patiently, so that Apple fixes the vulnerability and then re backup the data. (original author: Andrew Liptak compiler: Bear)相关的主题文章: