From the time the legendary confrontation with the FBI, the subject of which was the iPhone, which is in the case of the shooting in San Bernardino in 2016, the company Apple invested a substantial proportion of their extensive resources on the safety and security of iPhones. Most recently released smartphones, which, according to some people, are the most safe, created for the General public. However, some believe that the government, law enforcement agencies and their technical partners are currently experiencing a “Golden age” of hacking iPhones. That is the wording used specialist forensics police West Virginia Chris Vance (Chris Vance), speaking in August to a webcast dedicated to the latest technology hacking iPhones called “Grace” (GrayKey). The publication of the magazine “Forbes” in March producer “Grace” company “Greyshirt” (Grayshift) stated that to hack locked iPhones, even the latest models with the latest version of IOS.
But when Vance five months later talked about the serene times of criminologists specializing in iPhones, he just talked about the ability to “Grace” to collect data from devices of the company “Apple” and not just about the technique of obtaining passwords. Because “Grace” doing what others can’t: it captures the entire file system of iPhone. Vance described it as “one of the most important achievements in the field of criminalistics over many years”. He even sent a “Grayshirt” locked with a password iPhone X, and the company opened the entire file system and all the interesting data that was on the phone. The last time the feds got such a deep access to unpurchased premium cell phones IOS system in the case of the iPhone 4, released in 2010, says Vance, a researcher from the contractor to the canadian government “Magnet, Forensics” (Magnet Forensics). The file system is a set of data that can be invaluable for the police, said Vance. Private messages on Facebook and Instagram now easy to obtain. Like all e-mail data from the mail app. Same thing with deleted text messages, even if they are erased immediately after sending or receipt. Add to that open browser Windows, not only on iPhone but also on a synchronized makbukah and iPads. As well as information about which access point the Wi-Fi was used in a variety of applications. Plus, from memory the extracted data searches in Google. There is also a significant amount of location data that produces “Grace”. “Now, there is such a large amount of location data that now we are finally able again to do research and deep analysis,” said Vance. Even besides the “Grace”, with other tools such as “Celebrate”, Elcomsoft, “Magnet” and “oxygen”, law enforcement can obtain from iPhones variety of information. Even before information “Grace” “Forbes” said that the Israeli company “Celebrate” boasted the ability to unlock latest models of iPhones, and it was in February 2018. However it is easy to understand why with all of the data available to law enforcement through “Greyshirt”, Vence and other armed “Grace”. Us authorities have given themselves. Among the latest customers “Greyshirt” the number of Federal Agency of drug enforcement and the Bureau to ensure compliance with immigration and customs regulations. The last deal, estimated at 384 thousand dollars, excited activists in the field of human rights protection, given the strict policy of the President of trump in relation to immigration. New iPhones offer greater security Almost not surprising in this case that Apple puts power in the security and protection of personal data. The iPhone XS, XR and XS Max, will be in stores on Friday, called the safest models in history. And for good reason. There are a number of significant innovations that can improve technique. For example, authentication codes Poynter are an attempt to guarantee the authenticity of any references to the data flowing through the chip. “This increases the level of difficulty for a variety of attacks,” says Nikias Swimming pool (Nikias Bassen), known cracker iPhones, now working for a company providing mobile security “Imperium” (Zimperium). He pointed to common form of attack that the updates from Apple should be prevented. This kind of attack known as return oriented programming (abbreviated ROP), the attack is trying to achieve from the device of the use of legitimate code in the insidious purposes. In IOS 12, there is a lot that can cheer from the viewpoint of protection of personal data. The system includes the integration of password managers and autocomplete for one-time authentication codes. Both should facilitate managing logins with complex passwords. And that is the most important, users can now turn on automatic updates. Despite the fact that it is optional, it is highly advisable to include it, says Ryan Stortz (Ryan Stortz), a researcher in the field of security in the “Trilobites” (TrailofBits).
There is also the restriction mode USB, which to some extent to cope with such a hopeless tools like “Grace”. When it is included, by default, any iPhone that had been locked for hours, unable to transmit data connected to the computer is essential for the work of the forensic — while not physically input a password. In IOS 12 this feature has been further developed. If it’s been over three days since last connect iPhone to computer, no data transfer is possible. And if the iPhone is in a state where the unlock requires fingerprint or face, for example, when you restart the gadget, turn on restriction mode USB. Endless war iPhone All of these updates to some extent destroy the functionality of forensic analysis. However, if they would help “Apple” to end this “Golden era” of forensic investigation of iPhones?
Probably not. Luca Todesco (Todesco Luca), a young cracker and hacker iPhone, said that he had found a way to circumvent the protection offered by the codes of the authentication pointer. “There are realistic limits its capabilities, it is not a panacea, — he told to our edition. Is a definite step forward, it raises the bar. But as they say, full security does not happen”. Before done Todesco has already been identified bypass mode USB limit using equipment costing only ten dollars. Vance even made a list of USB modems that can use the police to ensure that the device is not switched to the limitations of USB. However, Vladimir katalov, the General Director of the Russian company Elcomsoft, working in crime analysis finds that really was the end of the Golden age. Despite great respect for the work of “Greyshirt” hacking the security of iPhones, Katalov said that the updates Apple will put into question the raison d’être of the company. “Grace” is just not guaranteed the future, said the experienced expert on criminology. “Greyshirt” did not respond to a request to comment during the publication of the material. “If you think about it, how many users are updating their equipment to the latest IOS version, especially considering how good the current version of IOS 12, “Grayshott” today is supported by a small minority of devices — adds Katalov. — At the end of this tunnel there is no light”.
Read more •••