Forbes has reported that Apple’s new operating system has a big problem, which could cause users to fall victims to password hackers. The iPhone’s security has been accidentally weakened and users who have saved a backup after upgrading to iOS 10 shouldn’t be surprised if their data will be stolen, because a bug has affected the encryption strength, giving hackers the possibility to access localized backups.
The vulnerability was discovered by Elcomsoft, a Russian firm that is known for its tool that breaks into iPhones, which has noticed that the iOS’s password security checks for backups have become 2,500 times weaker. It seems that backups use now a new “password verification mechanism” that skips several security checks and hackers who manage to crack them are able to get their hands on backed-up data and to recover credentials from Apple’s Keychain password manager. It’s a very delicate situation, because attackers could steal not only stored passwords and authentication tokens for Safari, but also for third-party apps and credit-card data.
In iOS 9, there are processed 2,400 passwords per second, while in iOS 10 can run 6 million passwords per second and thanks to Elcomsoft’s new attack, the encryption could be cracked “approximately 2500 times faster compared to the old mechanism used in iOS 9 and older.” Apple has been informed about this vulnerability, and the company has promised to correct it: “We’re aware of an issue that affects the encryption strength for backups of devices on iOS 10 when backing up to iTunes on the Mac or PC. We are addressing this issue in an upcoming security update. This does not affect iCloud backups.”
Apple is advising users to protect their Macs or PCs with strong passwords, so that nobody else will have access to their files. Also, the company has suggested users to add more security with FileVault, in order to encrypt the startup disk on their Mac. It’s better to wait until Apple will bring a new iOS 9 update, which will fix this issue, then to back up your iPhone.
Every techie needs a pair of sick headphones. Neurogadget recommends these Audio Technica Professional Studio Monitor Headphones for both their quality and their cool-factor.