These tools are essentially professional-level, forensic software used by law enforcement and other organizations to collect data. But to show that an attacker wouldn’t necessarily need that to gain access to phone data, we also used a pair of simpler “hacks,” attacking a family member’s account (again, with permission) by using only an iPhone and iTunes running on a Windows machine.Īs things stand right now, a determined attacker will still find plenty of ways to get to iPhone data. They need to gain physical access to the device, or harvest or crack credentials to do so. The weakest links are components of the iCloud service.īut there are ways to do this that won't alert the victim. The iCloud thefts were likely aided and abetted either by a weakness in iCloud’s authentication for the “Find My iPhone” application interface or by some clever deduction of passwords or security questions based on data about the targets gleaned from public sources (like, for example, Wikipedia). Sadly iCloud backups, because of their nature, often contain data long gone from a phone itself, or at least data that's gone from what the phone user can see onscreen.Īgain, Apple has a number of security fixes coming.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |