Russian company releases iOS decryption tools

May 25, 2011
Tech

The first set of commercially sold tools for cracking into an iPhone’s security have been made available by a Russian company. You might want to change your iOS passwords to something more solid than “1234.” According to a story from Ars Technica, Russian data security company ElcomSoft has created a set of software tools that […]

The first set of commercially sold tools for cracking into an iPhone’s security have been made available by a Russian company. You might want to change your iOS passwords to something more solid than “1234.”

According to a story from Ars Technica, Russian data security company ElcomSoft has created a set of software tools that can be used to break through the encryption on an iPhone. Part password-breaker, part scanner for encryption numbers to get further data out of the phone, the tools are only being made available to law enforcement. Here’s a quote from Ars’ story:

“The decryption tool requires access to the device in question, but once it’s in hand, a few different kinds of keys need can be scraped from it, including the unique device key (UID) and escrow keys calculated using the UID and escrow pairing records. If the device is only protected by a 4-digit passcode, the program then only needs to brute-force its way through that to get access to all of the decryptable information.”

As Ars points out, the security features of Apple’s iOS platform aren’t exactly impregnable, and the story goes on to mention that a similar decryption method was created by the Fraunhofer Institute for Secure Information Technology in February. The difference is that those tools aren’t for sale.

And though the decryption tools exist, they’re not infallible, either. Switching out a 4-digit code for a longer and more complex password basically stops the commercially available tools dead, since the password breaker works by trying number combinations until it finds the right one. Mix it up, and the first step of the decryption gets stalled out.

READ  New iPhone apps worth downloading: 31Squares, Sports Jeopardy!, LEGO Star Wars: Microfighters

Another good way to beat the decryption: Keep your iPhone stuffed full of incriminating information out of the hands of the coppers. Without the device, they got nothin’.

With smartphones becoming more and more prevalent, though, data and information stored on them is being used in ways their creators and owners might not have considered. It’s a good idea to keep in mind that the things you do on your smartphone might not remain private.

The U.S. Senate is considering an amendment to a law that would offer more protections to citizens about the use of their data in the cloud and on smartphones by law enforcement, but it’s not infallible. It came out just a few weeks ago that law enforcement officials were using a bug in iPhones to track their owners’ movements for investigations, with no warrant required.

Moral of the story: Use your smartphone cautiously, both for your security and your privacy.

Search for more

Phil Hornshaw

Phil Hornshaw is a freelance writer, editor and author living in Los Angeles, dividing his time between playing video games, playing video games on his cell phone, and writing about playing video games. He’s also the co-author of So You Created a Wormhole: The Time Traveler’s Guide to Time Travel, which attempts to mix time travel pop culture with some semblance of science, as well as tips on the appropriate means of riding dinosaurs. Check out his profile.

    Home Apps Games