iOS 10 found to have weakened iPhone and iPad securityBy Robin-Leigh Chetty 26 September 2016 | Categories: news
When Apple began its initial rollout of iOS 10, several users experienced an error in which a complete restore was prompted. Since then, Apple has corrected the issue, but now has another one to contend with, this time far more serious in nature. According to Russian software security firm Elcomsoft, the latest version of iOS may have inadvertently weakened the security of iPhones and iPads.
Elcomsoft says that backups saved after users make the upgrade to iOS 10 now skips numerous security checks that were previously in place with earlier versions. This new password verification mechanism is viewed as highly flawed by Elcomsoft, which has a phone breaker tool that can deliver targeted attacks to password-protected backups.
The Russian company also adds that the newly encrypted backups in iOS 10 can be cracked roughly 2500 times faster than it was for iOS 9. This is because the newly discovered security flaws allows Elcomsoft's phone cracking tool to run 6 million passwords per second, as opposed to 2400 passwords on the previous version of iOS.
As for Apple's response to all this, the Cupertino-based company gave a statement to Forbes. "We're aware of an issue that affects the encryption strength for backups of devices on iOS 10 when backing up to iTunes on the Mac or PC. We are addressing this issue in an upcoming security update. This does not affect iCloud backups. We recommend users ensure their Mac or PC are protected with strong passwords and can only be accessed by authorised users. Additional security is also available with FileVault whole disk encryption."
Although the iOS 10 update is yet to hit local devices en masse, it might be a good move to wait on making the upgrade until Apple provides assurance that the security flaw has been addressed.
Most Read Articles
Have Your Say
What new tech or developments are you most anticipating this year?