Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Apple's iOS 4 Hardware Encryption Cracked

samzenpus posted more than 3 years ago | from the what-took-so-long? dept.

Security 208

adeelarshad82 writes "Russian company ElcomSoft is claiming to have cracked the 256-bit hardware encryption Apple uses to protect the data on iOS 4 devices, and is offering software that allows anyone to do it. ElcomSoft can now gain full access to what is stored on a gadget such as the iPhone 4. This includes historical information such as geolocation data, browsing history, call history, text messages and emails, usernames, and passwords."

cancel ×

208 comments

Sorry! There are no comments related to the filter you selected.

iPhone Anal Security Gloryhole (-1, Flamebait)

Anonymous Coward | more than 3 years ago | (#36244140)

I guess all you iPhone using homosexuals are going to have to accept this violation of your security and privacy.

Just pretend that Steve Jobs is violating your asshole again.

Re:iPhone Anal Security Gloryhole (0)

Anonymous Coward | more than 3 years ago | (#36244842)

Sounds like you're upset about Steve Jobs NOT violating your asshole.

Where there's a will... (1)

Anonymous Coward | more than 3 years ago | (#36244174)

... there's a way. Always.

Re:Where there's a will... (5, Informative)

naz404 (1282810) | more than 3 years ago | (#36244406)

FYI guys, ElcomSoft is the company where Dmitry Skylarov [wikipedia.org] worked -- the research guys who cracked the encryption on Adobe's PDF files.

Skylarov was arrested after flying to the U.S. to give an eBook security talk at DEF CON under the DMCA for software copyright circumvention blah blah.

well... (0, Flamebait)

Anonymous Coward | more than 3 years ago | (#36244182)

I'd better switch to Android pronto - I'm sure that's safe!

Re:well... (0)

Anonymous Coward | more than 3 years ago | (#36244786)

You'd be correct :)

Brute force tool, not a "crack" (5, Informative)

bbk (33798) | more than 3 years ago | (#36244194)

This just lets you brute force the passkey, easy as if you're using a 4-digit numeric passkey there are only 10000 combinations.

If you're using a more complex alphanumeric key, which can be enabled with the iPhone config utility, then this probably won't work that well...

Re:Brute force tool, not a "crack" (1, Insightful)

geekoid (135745) | more than 3 years ago | (#36244308)

And there are tons of ways to make windows more secure.

People tend to be lazy.

Re:Brute force tool, not a "crack" (1, Funny)

Mad Merlin (837387) | more than 3 years ago | (#36245164)

And there are tons of ways to make windows more secure.

Such as wiping the drive, or unplugging the power and network cords.

Re:Brute force tool, not a "crack" (0)

Anonymous Coward | more than 3 years ago | (#36245294)

I remember laughing to that joke in 1997

Re:Brute force tool, not a "crack" (1)

Anonymous Coward | more than 3 years ago | (#36245390)

Android has Pattern Lock. It is much easier to swipe in a pattern then to type in a PIN. I guessed the PIN on my sisters fiance's iPhone in just a few tries. It was the year he was born. He couldn't guess my pattern, despite me using a fairly simply pattern. Maybe Apple should copy some Android features. The smudging of the pattern isn't a big deal if you wipe your screen regularly.

Re:Brute force tool, not a "crack" (1)

LordLimecat (1103839) | more than 3 years ago | (#36245426)

This isnt a story, because we've long known that bruteforcing 10000 combinations isnt hard. Throwing the iPhone's name out there is perhaps a way to make this sound impressive or novel, but its not.

Re:Brute force tool, not a "crack" (1)

Anonymous Coward | more than 3 years ago | (#36244348)

This just lets you brute force the passkey, easy as if you're using a 4-digit numeric passkey there are only 10000 combinations.

If you're using a more complex alphanumeric key, which can be enabled with the iPhone config utility, then this probably won't work that well...

You think the root is locked with the front screen code? And that code is only four digits by default, it can be changed to any alpha numeric combo like a regular password. Again this is not what they have cracked.

Re:Brute force tool, not a "crack" (1)

kybred (795293) | more than 3 years ago | (#36244612)

This just lets you brute force the passkey, easy as if you're using a 4-digit numeric passkey there are only 10000 combinations.

I wonder if it tries '1234' first?

Re:Brute force tool, not a "crack" (0)

Anonymous Coward | more than 3 years ago | (#36244952)

This just lets you brute force the passkey, easy as if you're using a 4-digit numeric passkey there are only 10000 combinations.

I wonder if it tries '1234' first?

That's the stupidest combination I've ever heard of in my life. The kind of thing an idiot would have on his luggage!

Re:Brute force tool, not a "crack" (1)

Lokitoth (1069508) | more than 3 years ago | (#36245030)

'1234'? That's the password on my luggage!

Re:Brute force tool, not a "crack" (0, Troll)

Anonymous Coward | more than 3 years ago | (#36245128)

quote fail

Re:Brute force tool, not a "crack" (0)

adisakp (705706) | more than 3 years ago | (#36245358)

This just lets you brute force the passkey, easy as if you're using a 4-digit numeric passkey there are only 10000 combinations.

I wonder if it tries '1234' first?

Amazing! That's the combination to my luggage!

Re:Brute force tool, not a "crack" (0)

Anonymous Coward | more than 3 years ago | (#36245462)

What a buffoon! Every idiot knows that you should use a 5 digit password.

Re:Brute force tool, not a "crack" (0)

Anonymous Coward | more than 3 years ago | (#36245464)

That's the same combination as my luggage

Company haha (0)

Anonymous Coward | more than 3 years ago | (#36244202)

We are very legitimate Russian softwares company.

IN SOVIET RUSSIA (1)

Jeremiah Cornelius (137) | more than 3 years ago | (#36244766)

iPhone Cracks YOU!

well... (0, Offtopic)

errandum (2014454) | more than 3 years ago | (#36244208)

They figured the algorithm used to generate the keys...

Security one-o-one is DO NOT USE AN ALGORITHM TO GENERATE YOUR KEYS.

Big big fail, in my opinion.

Re:well... (1)

errandum (2014454) | more than 3 years ago | (#36244250)

Or nevermind. The source where I read this news claimed that, but it seems it relies on a brute force attack, although they do have an algorithm to get a set of valid testing keys.

Re:well... (1)

newcastlejon (1483695) | more than 3 years ago | (#36244352)

How would you feel about taking a user-input password and using an algorithm to generate a computationally convenient key?

Re:well... (0)

Anonymous Coward | more than 3 years ago | (#36244436)

How would you feel about taking a user-input password and using an algorithm to generate a computationally convenient key?

You mean like Password Based Key Derivation [wikipedia.org] ?

Re:well... (1)

errandum (2014454) | more than 3 years ago | (#36244908)

Not as good as a genuine key, but way better than something that can be guessed to some approximation. Assuming, obviously, that "user input" is a strong key to begin with.

Re:well... (1)

hoggoth (414195) | more than 3 years ago | (#36245292)

Re: your sig:
> If God forks the Universe every time you roll a die, he'd better have a damned good memory.

Not if every possible universe exists simultaneously and every time you roll a die you simply move to the matching universe-state.

Re:well... (2)

BitZtream (692029) | more than 3 years ago | (#36245018)

Ahh, I love when people with no clue repeat crap they found on the Internet.

Show me something that doesnt' generate keys using an algorithm ... I won't be holding my breath. Any good security system uses an algorithm for key generation ... with a RANDOM mutator. Not all keys are created equal, some are known to be weak, throwing those out is paramount and users simply aren't worth shit at generating random keys, so you use an algorithm known to generate strong keys with a random mutator.

Let me help you out as to the standard way all of us that actually know about encryption do it: RFC 2898

Again, please do not talk about security and encryption when you clearly have no idea what you're talking about and are just spewing some blurbs you read from someone on the Internet, which again, you clearly didn't understand them when you read them.

Re:well... (0, Flamebait)

errandum (2014454) | more than 3 years ago | (#36245530)

What?

First, there are a few almost 100% random generators. I prefer electromagnetic field variations, some use radioactive field decay, but there are more. Google them, I'm not here to teach you.

Second, I had a whole course dedicated almost exclusively to to encryption. I've implemented 3xDES, AES and RSA (C code, mind you, not easymode java). The first way to get your key broken is to make them predictable. It doesn't matter if you use a Password Based Key Derivation or not, if your universe of keys is known (in this case it's based on your phone's ID's, if what I read was true), enough processing power and you'll get there (it's what they seem to be doing).

Third and foremost, who the fuck are you to judge my knowledge based on those 3 lines? I know about salting, about making things slow enough to frustrate brute force attacks, etc. I wonder how you decided I did not, but please, fuck off.

History repeats? (0)

Daetrin (576516) | more than 3 years ago | (#36244226)

Will Apple start issuing lawsuits and court orders left and right to try and stop this? And if so will it distract people from Sony's recent actions along those lines?

Re:History repeats? (3, Interesting)

pandrijeczko (588093) | more than 3 years ago | (#36244492)

It's a case of "damned if they do and damned if they don't" for Apple currently.

This is precisely what happens when you turn yourself into an "evil" company like Sony did and Apple are a long way through the process of doing - you will attract the hacker community and there will be thousands of people simultaneously trying to shame that company.

It's "infinite monkeys & infinite typewriter" syndrome - the majority of hackers will have no success with breaking into the systems or devices, but because there's *THAT MANY* doing it *ALL OF THE TIME*, eventually some will be successful.

As someone who works in security, I can tell you honestly that no company reveals successful or failed hack attempts on their systems unless they really have to - in the case of the Sony credit cards, they *HAD* to because of the potential fraud on those cards that could take place.

So you can pretty much guarantee that Sony, Apple and other "Evilcorps" are being pounded & hacked all of the time, but they hush it all up as best they can.

Re:History repeats? (0)

macs4all (973270) | more than 3 years ago | (#36244774)

This is precisely what happens when you turn yourself into an "evil" company like Sony did and Apple are a long way through the process of doing - you will attract the hacker community and there will be thousands of people simultaneously trying to shame that company.

How in the HELL can you compare Sony to Apple like this?

Apple doesn't hide rootkits in their software or media files.

Apple doesn't actively prohibit "rooting" of their devices.

Apple doesn't pursue the iOS "hacker" community with legal threats, DMCA takedown notices, etc.

Apple doesn't embrace DRM every day, and in every way (they DO have to put up with SOME DRM due to pressures from "content providers"; but it is obvious they chafe against it).

Apple doesn't infest its products with an OS (Windows 7) that has DRM from the driver-level up.

Now, let's compare the above to Sony...

Re:History repeats? (0, Troll)

betterunixthanunix (980855) | more than 3 years ago | (#36244936)

Apple doesn't actively prohibit "rooting" of their devices.

http://gizmodo.com/303171/apple-says-unlocked-iphones-will-brick-after-software-update-+-what-does-it-mean [gizmodo.com]

Apple doesn't pursue the iOS "hacker" community with legal threats, DMCA takedown notices, etc.

http://news.cnet.com/apple-iphone-jailbreaking-violates-our-copyright/ [cnet.com]

Apple doesn't infest its products with an OS (Windows 7) that has DRM from the driver-level up.

http://tech.slashdot.org/story/05/08/01/0421248/Mac-OS-X-Intel-Kernel-Uses-DRM [slashdot.org]

Re:History repeats? (5, Informative)

Anonymous Coward | more than 3 years ago | (#36245228)

http://gizmodo.com/303171/apple-says-unlocked-iphones-will-brick-after-software-update-+-what-does-it-mean

That story from 2007 is not a threat, it's a warning that users can wipe out data on their jail broken phones and possibly not get it back.

http://news.cnet.com/apple-iphone-jailbreaking-violates-our-copyright/

Apple's responding to a complaint the EFF made. There's no Apple equivalent of GeoHot.

http://tech.slashdot.org/story/05/08/01/0421248/Mac-OS-X-Intel-Kernel-Uses-DRM

You're 1 for 3. The ppl who spent mod points on this post didn't read the stories that were linked to.

Re:History repeats? (2, Informative)

pandrijeczko (588093) | more than 3 years ago | (#36245000)

Apple doesn't hide rootkits in their software or media files.

Maybe not. But they were summoned to the US Senate [ethicalinvestigator.com] to answer questions on privacy concerns over what they track & why they track it unencrypted.

Apple doesn't actively prohibit "rooting" of their devices.

I think you need to read the last 2 lines about possibly denying sevice on this page [apple.com] .

Apple doesn't pursue the iOS "hacker" community with legal threats, DMCA takedown notices, etc.

It has put the mechanisms in place to do so in the future [eff.org] though.

Apple doesn't embrace DRM every day, and in every way (they DO have to put up with SOME DRM due to pressures from "content providers"; but it is obvious they chafe against it).

Apple dropped DRM from iTunes [macworld.com] about 2 years ago. It could be argued that they bowed to pressure from their user base after the Sony rootkit and CD DRM fuss. I have not come across a DRMed CD for some years now because of the stink DRM caused.

Apple doesn't infest its products with an OS (Windows 7) that has DRM from the driver-level up.

I'm mainly a Linux guy, I'm still using XP for some stuff but haven't played with Windows 7 much beyond setting up some laptops for colleagues - therefore I'm no expert on it. However, I am not aware of any restrictions on Windows 7 that stop you running non-DRMed formats on it exactly as you can do on previous iterations of Windows. I am led to believe that it provides a *platform* for DRM, again probably bowing to the same pressures from the RIAA that you said it was perfectly okay for Apple to have done during the early days of iTunes.

Just because you select a list of reasons why Apple are not evil does not mean they are not evil in other ways.

Re:History repeats? (2)

macs4all (973270) | more than 3 years ago | (#36245374)

Apple doesn't hide rootkits in their software or media files.

Maybe not. But they were summoned to the US Senate [ethicalinvestigator.com] to answer questions on privacy concerns over what they track & why they track it unencrypted.

Google, who is responsible for Android, was also called to those hearings. Apple sent a vice-president in charge of software development. Google sent a lobbyist. Apple voluntarily has already taken steps, and has promised to take further steps [securityweek.com] , to reduce both the amount of "tracking data", and to encrypt what data the user's phone does store. What has Google done/promised (I honestly don't know on that one)? But don't let facts available for nearly two months stop your rant.

Apple doesn't actively prohibit "rooting" of their devices.

I think you need to read the last 2 lines about possibly denying sevice on this page [apple.com] .

Yeah, EULAs always sound terrible. But point to me one instance of Apple actually doing that. [Crickets]

Apple doesn't pursue the iOS "hacker" community with legal threats, DMCA takedown notices, etc.

It has put the mechanisms in place to do so in the future [eff.org] though.

Again, the potential of doing it; but obviously Apple is just putting that in as a guard against an unforseeable "worst-case-scenario" threat. And again, please show me a single instance of Apple actually making good on any sabre-rattling. And didn't it get settled nearly a year ago [wired.com] that "Jailbreaking" was NOT illegal? Do you see Apple actively fighting that with signed bootloaders, security fuses, etc, like some Android Device manufacturers? So, your point, again?

Apple doesn't embrace DRM every day, and in every way (they DO have to put up with SOME DRM due to pressures from "content providers"; but it is obvious they chafe against it).

Apple dropped DRM from iTunes [macworld.com] about 2 years ago. It could be argued that they bowed to pressure from their user base after the Sony rootkit and CD DRM fuss. I have not come across a DRMed CD for some years now because of the stink DRM caused.

ANYTHING "can be argued". But at least Apple's CEO published an Open Letter [engadget.com] publicly decrying DRM. Has Sony? Howabout Google?

Apple doesn't infest its products with an OS (Windows 7) that has DRM from the driver-level up.

I'm mainly a Linux guy, I'm still using XP for some stuff but haven't played with Windows 7 much beyond setting up some laptops for colleagues - therefore I'm no expert on it. However, I am not aware of any restrictions on Windows 7 that stop you running non-DRMed formats on it exactly as you can do on previous iterations of Windows. I am led to believe that it provides a *platform* for DRM, again probably bowing to the same pressures from the RIAA that you said it was perfectly okay for Apple to have done during the early days of iTunes.

When Apple was starting out with iTunes, NO ONE would have signed up without DRM, and you (and everybody else) knows it. Even when iTunes had DRM on music, it was the weakest DRM possible. Individual songs weren't DRMed, per se; only Playlists were copy-restricted. NOTHING (but trust) prevented the user from deleting the Playlist, and recreating it, thus garnering another seven (then five) copies of a particular song. And let's not forget that iTunes also allows creating an Audio CD of a playlist, which essentially REMOVES THE DRM; because that CD can then be re-ripped, sans DRM. And then, once they had clout, Apple USED THAT CLOUT to BULLY the record companies into removing even THAT intentionally-weak DRM.

Now, let's compare that with Sony, where it took the DoJ rattling its sabre for them to stop putting rootkits on their audio CDs.

Just because you select a list of reasons why Apple are not evil does not mean they are not evil in other ways.

Name three.

Re:History repeats? (1)

joh (27088) | more than 3 years ago | (#36245384)

Just because you select a list of reasons why Apple are not evil does not mean they are not evil in other ways.

He's still right. Apple is very good at protecting their business and has a very clear vision how things should work and an unbending will to see it through, but I can't see anything genuinely evil here. In fact lots of things Apple does are rather considerate and cautios. iTunes has DRM but still you can install the apps and music you bought on all iPads and iPhones and iPods you may own. Same with the Mac App Store: You have more than one Mac? Buy once, install on all. They don't give your data to the newspaper publishers, they use random IDs for iAD instead of Device-IDs without anyone asking them to do that. They don't code their iOS apps in a way to fail on jailbroken devices. They may go after people who try to attack them, but they quite surely respect their users and customers.

And even if the file system encryption in iOS is less than perfect at least there is encryption, other than with Android which has none at all.

Re:History repeats? (1)

Anonymous Coward | more than 3 years ago | (#36245082)

> Apple doesn't hide rootkits in their software or media files.

Nor are they a content company like sony is.

> Apple doesn't actively prohibit "rooting" of their devices.

Yeah, steve just loves those jailbreaks right? Its not like the appstore tries to prevent this or anything.

> Apple doesn't pursue the iOS "hacker" community with legal threats, DMCA takedown notices, etc.

Apple tried very hard to prosecute people who develops and performs jailbreaks but where shot down by the courts. They also issue dmca takedown notices to any hacker community who would have the balls to inform people how to install or virtualize osx on a pc (Which is a 100% pure drm stye lockdown as a modern mac IS a high spec pc) regardless of wether they want to buy the software.

> Apple doesn't embrace DRM every day, and in every way

Osx is locked using drm to prevent it running in a virtual enviroment (Which really sucks for developers), and iPod is most certainly an attempt of a locked in device that uses both drm and propriatary formats to faux competitive mp3 players. Only the competition forced them to abandon this strategy.

> Apple doesn't infest its products with an OS (Windows 7) that has DRM from the driver-level up.

Ehh..What do you mean? And how does that compare to sony anyway???

> Now, let's compare the above to Sony... ....

The DMCA give's you the right to hack your phone! (0)

Joe The Dragon (967727) | more than 3 years ago | (#36245084)

The DMCA give's you the right to hack your phone! so there is little that apple can do.

Re:History repeats? (1)

Mysteray (713473) | more than 3 years ago | (#36245474)

Will Apple start issuing lawsuits and court orders left and right to try and stop this? And if so will it distract people from Sony's recent actions along those lines?

I doubt it. ElcomSoft's products are favorites of law enforcement and Apple employs some crypto people who know exactly what they're doing with the product's design.

Law enforcement raids journalists' houses and confiscates their computers for Apple, Apple leaves room for law enforcement to buy software from Russians to use against Americans.

What a shock... (1)

WaffleMonster (969671) | more than 3 years ago | (#36244230)

What thou doest encrypt thou can decrypt. Unless the encryption keys are not also stored on the device...sigh....

Meh (1)

mark-t (151149) | more than 3 years ago | (#36244240)

Wake me up when somebody makes a free tool that does this.

12345 luggage (-1)

Anonymous Coward | more than 3 years ago | (#36244252)

spaceballs! WATCH OUT!

Why does encryption never work? (0)

benwiggy (1262536) | more than 3 years ago | (#36244266)

Can someone explain the incongruity between these two statements:

"Don't worry, your data is encrypted with 256-bit RSA."
"Computer experts have cracked the encryption."

So why doesn't the fantastic mathematically complex encyption ever work? Why should I trust https? Or any other encrypted transmission?

Re:Why does encryption never work? (3, Informative)

0123456 (636235) | more than 3 years ago | (#36244350)

So why doesn't the fantastic mathematically complex encyption ever work? Why should I trust https? Or any other encrypted transmission?

Encryption does work: the flaw is normally in the key handling.

There's a fundamental incompatibility between security and convenience: people encrypt the data on their phone with 256-bit AES using a password of 'password' and are surprised that it can be broken. Or they rely on the phone to encrypt their data with a key that is... stored on the phone.

Re:Why does encryption never work? (1)

teslafreak (684543) | more than 3 years ago | (#36244364)

Because the only other option is just never to communicate information. All encryption can be undone given enough time, processing power, and a big enough sample of the data. The critical thing is just keeping up with the changning tactics and standards.

Re:Why does encryption never work? (1)

Anonymous Coward | more than 3 years ago | (#36244370)

because they didn't crack it at all.

they did the next best thing which is bruteforcing.
although, in this case it seems they can actually extract the encryption keys to bruteforce them somewhere else. something that shouldn't be possible in good encryption.

Re:Why does encryption never work? (2)

tacarat (696339) | more than 3 years ago | (#36244394)

Good encryption requires a good "key". Forget password, think passphrase.
Encryption is great when it's somebody intercepting your messages or data, but not so useful when they have access to an endpoint.
The effectiveness of a good lock is severely reduced if you can't remove the keys from it. Most hardware like this has a copy that can be gotten at by the diligent. It's how bluray ended up losing it's DRM.

Oh, and this [xkcd.com] .

Re:Why does encryption never work? (1)

h4rr4r (612664) | more than 3 years ago | (#36244414)

They are liars. This tool just does a brute force attack against a backup of the device, then once the key is found it can be used against the actual device. If you have a simple password this might work, if not too bad for them.

The only lessons here are always use long passwords and "security" companies are often 1 shade off of scammers. Even simple phrases like "And its fleece was white as snow" makes a decent passphrase due to length, changing it to "And) its( fleece* was6 white5 as4 snow3" makes it even better and still easy to remember. Just a phrase and a pattern. Sure random is even better, but most users won't bother to even use a simple phrase.

Re:Why does encryption never work? (1)

0123456 (636235) | more than 3 years ago | (#36244658)

Even simple phrases like "And its fleece was white as snow" makes a decent passphrase due to length, changing it to "And) its( fleece* was6 white5 as4 snow3" makes it even better and still easy to remember.

And you're going to type that in every time you use your phone?

Coming up with a good passphrase is much easier than convincing people to go to the trouble of using one.

Re:Why does encryption never work? (2)

rvw14 (733613) | more than 3 years ago | (#36244984)

Even better, just speak into the phone and say, "My voice is my password".

Re:Why does encryption never work? (1)

PRMan (959735) | more than 3 years ago | (#36245140)

Yes, because that is uncrackable unless you can convince a woman go to dinner with a nerd, which we all know would never happen in the real world...

Re:Why does encryption never work? (0)

Anonymous Coward | more than 3 years ago | (#36245036)

Damn, now I have to change my passphrase.

Re:Why does encryption never work? (3, Insightful)

Bryan3000000 (1356999) | more than 3 years ago | (#36244424)

Well, the flaws are always implementation details. Implementation details are usually botched in mobile devices, for convenience of the designer and (perhaps) because of hardware limitations, and in web applications, for the sake of interoperability and usability. And stupidness. Don't forget the stupid.

But, if you use a known good implementation (as much as it can be known, but pretty good with some FOSS) yourself (not implemented by a web service, but by you on your machine), then it's much less likely to be vulnerable, because the convenient and intentional weaknesses tend to be eliminated.

Re:Why does encryption never work? (2)

sphantom (795286) | more than 3 years ago | (#36244494)

The encryption itself is solid. What falls most of the time is the specific implementation. Say for example I made the choice to encrypt my hard drive but didn't use an already baked system like Ubuntu's home drive encryption. Instead I decided to do it by hand and code my own pre-boot initramfs to automatically handle decryption by hashing some hardware specific identifier from the bios. Except that since I'm not a security expert, I made some foolish coding error which allowed the hash to be intercepted or easily guessed. Then some hacker comes along, figures it out and now has full access to my encrypted data.

In this case the encryption itself is sound, and wasn't cracked, instead my shotty coding and/or lack of solid security knowledge was exploited. 9 times out of 10 this seems to be the case when encryption is defeated (brute forcing aside of course).

To answer your question though, why should you trust HTTPS? I'd say that you can never be 100% sure, but HTTPS has been around long enough to have been well tested by by people who rely on it being solid (banks, etc) that you're probably pretty safe. Rest assured that if HTTPS's implementation of encryption were cracked, it'd be news, and you'd know (I assume).

SSL 2, weak ciphers, renegotiation, foreign CAs (1)

tepples (727027) | more than 3 years ago | (#36245078)

Rest assured that if HTTPS's implementation of encryption were cracked, it'd be news, and you'd know (I assume).

SSL 2 has been cracked. Weak ciphers used in SSL 3 and later have been cracked. SSL renegotiation has been cracked. Root certificates owned by governments whose interests are not aligned with those of the United States and western Europe have been included in major web browsers' default repositories. And yes, they were all news.

Re:SSL 2, weak ciphers, renegotiation, foreign CAs (0)

Anonymous Coward | more than 3 years ago | (#36245380)

What weak cyphers were cracked? Or are you referring to "brute forced" which is kind of not cracked. Cracked means there is a flaw in the design of the algorithm.

Similarly, Apple's encryption was not cracked. The passphrase to the key was brute forced. That's night and day difference.

Renegotiation was not "cracked". Renegotiation worked as intended - it is the software that used renegotiation that failed to view the two streams as separate connections, as it should!

CA is a known issue and it has everything to do with convenience, not cryptographic weakness.

Therefore I question your understanding of the facts and what "cracked" means.

Re:SSL 2, weak ciphers, renegotiation, foreign CAs (1)

Mysteray (713473) | more than 3 years ago | (#36245504)

Renegotiation was not "cracked". Renegotiation worked as intended - it is the software that used renegotiation that failed to view the two streams as separate connections, as it should!

Except that renegotiation was developed by the very same people at Netscape and for the same specific purpose that it got used for: changing crypto parameters and client certificate authentication after the HTTP request had been made.

Re:Why does encryption never work? (0)

Barefoot Monkey (1657313) | more than 3 years ago | (#36244546)

RSA is usually 1024 bits or more. 256-bit sounds great if you're used to talking about AES encryption or other similar symmetric algorithms, but it's pretty small for an RSA key. I'm not an expert on cryptology (I haven't even read TFA yet so don't trust anything I say), but this looks like it was an easy target.

Re:Why does encryption never work? (1)

GCsoftware (68281) | more than 3 years ago | (#36244826)

They ARE talking about AES. No one uses asymmetric encryption for large amounts of data, due to its slow speed.

Re:Why does encryption never work? (2)

Barefoot Monkey (1657313) | more than 3 years ago | (#36245226)

Naturally. As I mentioned, I hadn't read the article when I wrote that and was responding directly to the parent poster's question:

Can someone explain the incongruity between these two statements:

"Don't worry, your data is encrypted with 256-bit RSA."
"Computer experts have cracked the encryption."

So why doesn't the fantastic mathematically complex encyption ever work? Why should I trust https? Or any other encrypted transmission?

There's no incongruity between the statements because a simple 256-bit RSA is not a great way to encrypt data.

Re:Why does encryption never work? (1)

GCsoftware (68281) | more than 3 years ago | (#36245376)

My bad, didn't get that you were replying to that.

And yes, 256-bit RSA is trivially decrypted, has been for quite a while.

Re:Why does encryption never work? (2)

BitZtream (692029) | more than 3 years ago | (#36245126)

You don't do drive encryption with asymmetric encryption, not if you actually want to use your data at any reasonable rate.

You generate a large key for symmetric encryption, then encrypt that key using asymmetric encryption.

Browsers for instance only use RSA for the initial key exchange, and then fall back to using AES or whatever is supported by both ends. Your https sessions use RSA for about 80 bytes of data exchange before the web server actually starts communicating with the client, your GET / request is sent using symmetric encryption, as is the response that comes back.

Re:Why does encryption never work? (2)

pandrijeczko (588093) | more than 3 years ago | (#36244570)

Just to be clear on this.

The encryption algorithms are publicly documented for methods like RSA, Bluefish or any of the other countless ones - that's the point behind them being used the world over.

But knowing *HOW* the encryption is done still doesn't get you in because you still need to get or work out the encryption key that's being used.

Re:Why does encryption never work? (1)

jgtg32a (1173373) | more than 3 years ago | (#36244602)

Standard != Implementation

The idea behind it is rock solid, but the engineering aspect is a bit tricky.

They didn't crack the crypto, just the security (1)

StandardCell (589682) | more than 3 years ago | (#36244910)

Folks have a hell of a time understanding the difference between security and cryptography, and the misleading sensationalist headlines don't help.

Cryptography is merely the study of hiding and unhiding information. It doesn't secure information. Security is about securing information from unauthorized access. These guys attacked the security of the device, probably through the protocol or through insecure hardware.

If the crypto itself (probably AES-256) had been broken, the NSA would have had some big problems on their hands due to the fact that the same crypto is used in the publicly-available Suite B algorithms.

Re:Why does encryption never work? (1)

Corwyn_123 (828115) | more than 3 years ago | (#36244958)

The thing about encryption is, it's the timeliness of data.

Anyone relying on encryption to store any data for any long periods of time are confused. Any encryption system, no matter how complex, can he defeated, given time, resources, and perhaps some skulduggery.

Look at WWII and the German Enigma machine. It was no more than a computer, and very hard to crack, in fact, it couldn't be cracked on the basis of the encrypted information itself. But it did it's job, messages were secure for the length of time that they needed to be, and even if it was decrypted after the fact, it didn't matter. It took the Allied forces stealing an Enigma device and code book to actually crack Enigma encrypted messages.

The same goes for anything, it's timeliness of information. If you encrypt something long term, and someone gets ahold of it, and they want it bad enough, and have the resources at their disposal, they will in time, get at that information.

Bottom line is 2 fold actually, timeliness of information and the fact that locks only keep honest people honest.

Re:Why does encryption never work? (1)

betterunixthanunix (980855) | more than 3 years ago | (#36244988)

Computer experts have cracked the encryption

Can you please point out the experts who have cracked RSA, DSA, DH, ElGamal, or ECC? Oh, right, the math has not been cracked, the only things we hear about are:

  1. Specific implementations being attacked, due to bugs or poorly thought out optimizations (i.e. that lead to side channel attacks).
  2. Proprietary crypto being cracked; why anyone would be using proprietary crypto in this day and age is a mystery to me, but people continue to do it.

Also, nobody speaks of 256 bit RSA in this century; the recommended key size for use with a 128 bit block cipher is 3072 bits when I last checked.

Re:Why does encryption never work? (1)

iluvcapra (782887) | more than 3 years ago | (#36245334)

Also, nobody speaks of 256 bit RSA in this century; the recommended key size for use with a 128 bit block cipher is 3072 bits when I last checked.

You only need a key size that big if you're doing asymmetric keys -- see Schneier and ridiculous key lengths [schneier.com] . The encryption on these phones is symmetric, and the reason it's so easy to crack is the 256 bit keys are in fact selected from a very restricted space: they just take four numeric digits from the phone entry and then maybe hash them to get better bit coverage.

2011 (1)

geekoid (135745) | more than 3 years ago | (#36244278)

Year of the Mac Attack.

Re:2011 (1)

thestudio_bob (894258) | more than 3 years ago | (#36244486)

Um.. this is iPhone, not Mac. Unless you meant "Year of Apple Attack".

Re:2011 (1)

geekoid (135745) | more than 3 years ago | (#36244608)

I know, but Mac Attack sounds better.

Re:2011 (1)

joh (27088) | more than 3 years ago | (#36245422)

As always here: "This isn't true, you know." -- "Yeah, I know, but it sounds better this way."

Sweet (0, Flamebait)

taxtropel (637994) | more than 3 years ago | (#36244304)

Way to go ElcomSoft! Good to see hackers sticking it to the once hacker-originated Apple Computers Inc. Sad to see that Apple Computers has become another catholic church style entity.

Re:Sweet (0)

Anonymous Coward | more than 3 years ago | (#36244496)

-1 Fucking Retard

Re:Sweet (1)

The Dawn Of Time (2115350) | more than 3 years ago | (#36244678)

What does that even mean?

Re:Sweet (0)

Anonymous Coward | more than 3 years ago | (#36244986)

That Macs now molest young boys?

Re:Sweet (1, Troll)

macs4all (973270) | more than 3 years ago | (#36244858)

Way to go ElcomSoft! Good to see hackers sticking it to the once hacker-originated Apple Computers Inc. Sad to see that Apple Computers has become another catholic church style entity.

Wow! Up your meds, dude!

Regardless of your platform choice, are you REALLY lauding the efforts of hackers whose efforts will not hurt Apple, but rather only the unfortunate users of their products?

What about the people who have been handed an iPhone/iPad by their employer? Do they deserved to be hacked, too?

Perhaps its time for you to head to the nearest psychologist/psychiatrist. What you are experiencing is commonly referred to "Misdirected Anger", and is usually a sign of some OTHER significant "perceived wrong" you have suffered.

Or perhaps, you're just an arrogant dick.

Principle (2)

iluvcapra (782887) | more than 3 years ago | (#36244412)

It seems like this would work on any phone, in principle. If you're using a 4-digit numeric password to protect your phone, any kind of phone, yeah, somebody's eventually going to crack it in a non-end-of-the-universe timeframe, if they get unattended access to it, and you don't remote-wipe it.

Use an alphanumeric password to protect your phone. Also, it's got a ton of your stuff on it, never leave it unattended for extended periods of time, never give it to people you don't trust. A cellphone is a very personal frob and no amount of engineering is going to make it safe from hacking, modulo the sensitivity of the data contained therein -- even if you pick a 20 char, completely random password, nefarious folk can still dust the screen for fingerprints, or surreptitiously videotape you unlocking your phone...

Re:Principle (0)

Anonymous Coward | more than 3 years ago | (#36244534)

Entirely not what this is about at all.

Re:Principle (1)

kybred (795293) | more than 3 years ago | (#36244650)

If you're using a 4-digit numeric password to protect your phone, any kind of phone, yeah, somebody's eventually going to crack it in a non-end-of-the-universe timeframe, if they get unattended access to it, and you don't remote-wipe it.

Unless you limit the number of failed attempts (and then brick/erase the device), or have an increasing delay after each failed attempt.

Re:Principle (1)

iluvcapra (782887) | more than 3 years ago | (#36245264)

If you can circumvent the crypto hardware and the tool has raw access to the storage, it can try passphrases willy-nilly and any such limits won't be applied.

Re:Principle (1)

joh (27088) | more than 3 years ago | (#36245204)

It seems like this would work on any phone, in principle. If you're using a 4-digit numeric password to protect your phone, any kind of phone, yeah, somebody's eventually going to crack it in a non-end-of-the-universe timeframe, if they get unattended access to it, and you don't remote-wipe it.

Well, on most phones (like Android ones) you don't need to go that far. The password ist just for protecting you against someone using the phone, but since the file system isn't encrypted at all on most phones, you can just dump the data and be done with it.

SO what! (0, Flamebait)

kurt555gs (309278) | more than 3 years ago | (#36244490)

If you wanted security and the ability to control what your phone is doing, and who has access, and if you delete something it's really deleted and actually know what programs (apps) are actually doing then go find a Nokia N900.

Otherwise, you are a consumer to be culled, and controlled, and not a customer to be sold on features where you are in control.

Sheep have won.

Use a decent password and you're ok (4, Informative)

jmichaelg (148257) | more than 3 years ago | (#36244628)

From their FAQ: [elcomsoft.com]

Only relatively short and simple passwords can be recovered in a reasonable time.

Re:Use a decent password and you're ok (0)

macs4all (973270) | more than 3 years ago | (#36244906)

From their FAQ: [elcomsoft.com]

Only relatively short and simple passwords can be recovered in a reasonable time.

But I thought that Bruce Schneier said that complex passwords were not any safer than short ones.

[Ducks]

Re:Use a decent password and you're ok (0)

Anonymous Coward | more than 3 years ago | (#36244948)

'Ducks' is a terrible password.

Re:Use a decent password and you're ok (1)

BitZtream (692029) | more than 3 years ago | (#36245184)

As is typical with people that think they 'know about security and encryption', you read one part of Schneier's statement and completely neglected the 'why' behind it.

Go read the rest of his paper, then come back. By the rest of it, I mean that it doesn't end after the first paragraph.

$320 Brutus (1)

HTH NE1 (675604) | more than 3 years ago | (#36244804)

The application is called the ElcomSoft Phone Password Breaker and costs around $320 for the Professional edition.

So this is not going to be another way to get your own apps onto the iPhone without jailbreaking, but rather reducing to a $320 barrier and sufficient period of time of your not having possession of your iPhone modulo the weakness of your passcode to your plausible deniability that someone has planted something on or used your iPhone for nefarious purposes without your knowledge.

Remember, the answer to the question "Has this item ever left your sight?" is always "Of course it has." The question is to establish your liability for the contents therein.

They aren't first to have this (1)

erroneus (253617) | more than 3 years ago | (#36244878)

You can bet that US and other law enforcement have probably been given the keys already. After all, how else would those [unconstitutional] mobile phone searches of US citizens used during US border crossings be able to work so easily and efficiently?

Re:They aren't first to have this (0)

Anonymous Coward | more than 3 years ago | (#36245134)

They just search blackberries?

Re:They aren't first to have this (1)

Mysteray (713473) | more than 3 years ago | (#36245526)

Simple, they use ElcomSoft. The iPhone4 is fairly new right?

Phone _hardware_ or the backup images? (1)

GCsoftware (68281) | more than 3 years ago | (#36244918)

From my reading of their FAQ, it seems that this tool can be used to decrypt the encrypted backup images that iTunes takes when syncing the phone, not the phones themselves.

Am I wrong? If it's the backup images, then I see the potential attack vector as slightly less serious as an iPhone is usually a lot easier to lose / have stolen from you than the machine you sync it with.

If you compromise physical access... (2)

Anubis IV (1279820) | more than 3 years ago | (#36244982)

...security is already compromised. We've known this forever. This new method requires 40 minutes of physical access to the phone. Either your phone has already been stolen, in which case they have all the time in the world to try number codes until it opens up for them, or it's been taken by the police, in which case you can probably be compelled to provide the codes necessary to access the device. Either way, this doesn't change too much. And if either of those concerns you as being too risky, why were you using a mobile phone to keep sensitive information in the first place, instead of something designed specifically to hold confidential information?

mkay (1)

Anonymous Coward | more than 3 years ago | (#36245008)

Since when did a brute force dictionary attack become encryption breaking?

exponential back off? (1)

MetalOne (564360) | more than 3 years ago | (#36245058)

Why does the software permit repeated rapid login attempts? Why isn't there some sort of exponential back off time between retries?

Re:exponential back off? (1)

joh (27088) | more than 3 years ago | (#36245224)

Well, maybe because there is a setting that just wipes the phone after 10 failed attempts.

And the value of this is ... nil? (1)

BitZtream (692029) | more than 3 years ago | (#36245230)

Unless you encrypt your backups and forget your password or your backups are stolen, its pretty much pointless.

I really don't see the point in encrypting my backups because well, if someone can get to my backups, they'd be far better off just taking the source data off my laptop.

Seriously, by the time someone can get to your backups, they have a larger more important device at their finger tips ... you know, the device that the iPhone got the data from in the first place, just use the source.

This is basically like being proud that you can decompile a windows app ... and ignoring the fact that you already have the source code since you wrote the app in the first place.

TFA, TFA... (2, Interesting)

Anonymous Coward | more than 3 years ago | (#36245370)

Looks like TFA didn't read TFA.
Or misunderstood it big time. All of the comments are also about their OLD TOOLS which are related to brute forcing and analysing the BACKUPS and have nothing to do with this hardware encryption getting cracked.
If you read the blog post they say there that there is some data that's not included in the backup that you can access with the hardware encryption keys.
Also they're saying they don't want this ending up in the "wrong hands" and will only offer it to governments and such.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>