Apple's iOS 4 Hardware Encryption Cracked

← Back to Stories (view on slashdot.org)

Apple's iOS 4 Hardware Encryption Cracked

Posted by samzenpus on Wednesday May 25, 2011 @09:21AM from the what-took-so-long? dept.

adeelarshad82 writes "Russian company ElcomSoft is claiming to have cracked the 256-bit hardware encryption Apple uses to protect the data on iOS 4 devices, and is offering software that allows anyone to do it. ElcomSoft can now gain full access to what is stored on a gadget such as the iPhone 4. This includes historical information such as geolocation data, browsing history, call history, text messages and emails, usernames, and passwords."

4 of 208 comments (clear)

Min score:

Reason:

Sort:

well... by Anonymous Coward · 2011-05-25 09:25 · Score: 0, Flamebait

I'd better switch to Android pronto - I'm sure that's safe!
1. Re:well... by errandum · 2011-05-25 11:29 · Score: 0, Flamebait
  
  What?
  First, there are a few almost 100% random generators. I prefer electromagnetic field variations, some use radioactive field decay, but there are more. Google them, I'm not here to teach you.
  Second, I had a whole course dedicated almost exclusively to to encryption. I've implemented 3xDES, AES and RSA (C code, mind you, not easymode java). The first way to get your key broken is to make them predictable. It doesn't matter if you use a Password Based Key Derivation or not, if your universe of keys is known (in this case it's based on your phone's ID's, if what I read was true), enough processing power and you'll get there (it's what they seem to be doing).
  Third and foremost, who the fuck are you to judge my knowledge based on those 3 lines? I know about salting, about making things slow enough to frustrate brute force attacks, etc. I wonder how you decided I did not, but please, fuck off.
Sweet by taxtropel · 2011-05-25 09:33 · Score: 0, Flamebait

Way to go ElcomSoft! Good to see hackers sticking it to the once hacker-originated Apple Computers Inc. Sad to see that Apple Computers has become another catholic church style entity.
SO what! by kurt555gs · 2011-05-25 09:47 · Score: 0, Flamebait

If you wanted security and the ability to control what your phone is doing, and who has access, and if you delete something it's really deleted and actually know what programs (apps) are actually doing then go find a Nokia N900.
Otherwise, you are a consumer to be culled, and controlled, and not a customer to be sold on features where you are in control.
Sheep have won.

--
* Carthago Delenda Est *