Top Links You Must Click On
From the Wires
Elcomsoft Phone Breaker 8.0 Adds Forensic Support for iOS 11 and New Apple Devices
By: PR Newswire
Sep. 14, 2017 06:13 AM
MOSCOW, September 14, 2017 /PRNewswire/ --
Elcomsoft Co. Ltd. updates Elcomsoft Phone Breaker, the company's forensic extraction tool. Version 8.0 becomes a major release with support for local and cloud backups, data and cloud passwords produced by iPhones and iPads running iOS 11, including the newly announced range of iPhone devices. Elcomsoft Phone Breaker 8.0 receives the ability to decrypt local backups saved by devices running iOS 11, run GPU-accelerated attacks on passwords protecting encrypted backups, download system backups, photos and media from iCloud Drive and access synced information from iCloud, including access to iCloud Keychain.
"iOS 11 became even more secure than iOS 10", says Vladimir Katalov, Elcomsoft CEO. "With multiple changes to data formats, encryption schemes and communication protocols, getting support for iOS 11 ready by the time the new OS is released was a challenge and a major achievement of our research and development team."
In addition, the eighth version of Elcomsoft Phone Breaker now provides Two-Factor Authentication support (a long-time Forensic edition exclusive) for users of Forensic and Professional editions at no extra charge.
The update is free of charge to all customers who purchased or renewed their Elcomsoft Phone Breaker or Elcomsoft Mobile Forensic Bundle license within one year. Discounted renewal is available to customers whose maintenance plan has already expired.
About iOS 11 and Its Forensic Implications
The newest update of Apple's mobile OS, the iOS 11, is a 64-bit exclusive. The new OS is provided as an immediately available update to users of iPhone 5s, SE, and iPhone 6/Plus through 7/Plus as well as the corresponding versions of iPad and iPod Touch. Considering the speed of adoption of major iOS updates, iOS 11 should be running on the majority of compatible devices in a matter of months, if not weeks.
iOS 11 includes multiple changes and enhancements to its security model. While some of the more obvious changes were outlined in New Security Measures in iOS 11 and Their Forensic Implications [https://blog.elcomsoft.com/2017/09/new-security-measures-in-ios-11-and-their-forensic-implications/], most of the changes in the new OS were made under the hood.
One of the most important changes to iOS 11 from the forensic standpoint is the limited ability for law enforcement specialists to perform logical acquisition of iOS 11 devices unlocked with any method other than passcode. iOS 11 now requires a passcode to pair the device with a computer, which is a required pre-requisite for using logical extraction. Considering the many changes to iOS 11 security model, physical acquisition of iOS 11 devices out of the question, at least for the time being. This in turn means that, for devices with an unknown passcode, only two acquisition options remain: using an existing pairing record extracted from the user's computer or performing cloud extraction.
Elcomsoft pioneered iCloud extraction. With in-house research and development, Elcomsoft is a leader in providing the fastest and most complete cloud extraction for Apple devices running all versions of iOS. Thanks to Elcomsoft Phone Breaker, iCloud extraction can return most everything stored in the device including system backups, iCloud Keychain, as well as many types of synced items such as calendars, mail, contacts, recent call history and a lot more.
iOS 11 Support in Elcomsoft Phone Breaker
In iOS 11, Apple made a number of changes to data formats and encryption, and once again altered communication protocols for exchanging information between iOS devices and iCloud.
Elcomsoft Phone Breaker 8.0 comes with support for iOS 11, recognizing the changes Apple made to the various components of the new OS and corresponding cloud services. Elcomsoft Phone Breaker 8.0 can decrypt local backups produced by iOS 11 devices and run hardware-accelerated attacks on their passwords; obtain cloud backups, files and synced data from iCloud Drive.
Elcomsoft Phone Breaker 8.0 can access iCloud Keychain items synced by iOS 11 devices. iCloud Keychain is Apple's secure online password storage for keeping passwords, financial information and authentication credentials synchronized across user's iOS and macOS devices. With access to iCloud Keychain, experts can quickly extract passwords and access user's online accounts and communication histories when physical and logical acquisition methods are not available.
Two-Factor Authentication: Also in the Professional Edition
It is difficult to overestimate the importance of Two-Factor Authentication for securing access to online accounts. In iOS 11, Apple starts pushing two-factor authentication harder, displaying a prominent pending notification dot over the Settings icon. By opening Settings, users are presented a pending notification reminding them to enable two-factor authentication on their account.
Considering the inevitable spread of Two-Factor Authentication, Elcomsoft alters its licensing to allow more customers to acquire information from accounts protected with a secondary authentication factor. Starting with Elcomsoft Phone Breaker 8.0, support for Two-Factor Authentication has been included to both Professional and Forensic editions. Prior to 8.0 release, two-factor authentication support was a Forensic Edition exclusive.
Two-Factor Authentication support is available via one-time codes pushed to trusted devices or generated on a trusted device. Using an authentication token extracted from the user's computer can help bypass both password and two-factor authentication protection; however, token-based authentication is still included with the Forensic edition only.
Existing users of Elcomsoft Phone Breaker Professional with valid, non-expired licenses will enjoy Two-Factor Authentication support at no extra charge once they update to Elcomsoft Phone Breaker 8.0.
About Elcomsoft Phone Breaker
Elcomsoft Phone Breaker is an all-in-one mobile acquisition tool to extract information from a wide range of sources. Supporting offline and cloud backups created by Apple, BlackBerry and Windows mobile devices, the tool can extract and decrypt user data including cached passwords and synced authentication credentials to a wide range of resources from local backups. Cloud extraction with or without a password makes it possible to decrypt FileVault 2 containers without lengthy attacks and pull communication histories and retrieve photos that've been deleted by the user a long time ago.
Pricing and Availability
Elcomsoft Phone Breaker 8.0 is available for both Windows and macOS. Home, Professional and Forensic editions are available. iCloud recovery and Two-Factor Authentication support are only available in Professional and Forensic editions, while password-free iCloud access as well as the ability to download arbitrary information from iCloud and iCloud Drive are only available in the Forensic edition. Elcomsoft Phone Breaker Pro is available to North American customers for $199. The Forensic edition enabling over-the-air acquisition of iCloud data and support for binary authentication tokens is available for $799. The Home edition is available for $79. Local pricing may vary.
Elcomsoft Phone Breaker supports Windows 7, 8, 8.1, and Windows 10 as well as Windows 2008, 2012 and 2016 Server. The Mac version supports Mac OS X 10.7 and newer. Elcomsoft Phone Breaker operates without Apple iTunes or BlackBerry Link being installed. In order to access iCloud Keychain, Windows users must have iCloud for Windows installed, while Mac users must run macOS 10.11 or newer.
About Elcomsoft Co. Ltd.
Founded in 1990, ElcomSoft Co. Ltd. develops state-of-the-art computer forensics tools, provides computer forensics training and computer evidence consulting services. Since 1997, Elcomsoft has been providing support to businesses, law enforcement, military, and intelligence agencies. Elcomsoft tools are used by most of the Fortune 500 corporations, multiple branches of the military all over the world, foreign governments, and all major accounting firms. Elcomsoft is a Microsoft Partner (Gold Application Development), Intel Premier Elite Partner and member of NVIDIA's CUDA/GPU Computing Registered Developer Program.
Enterprise Open Source Magazine Latest Stories . . .
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
SYS-CON Featured Whitepapers
Most Read This Week