Playing devil’s advocate: iPhone anti-forensics
Everyone’s iPhones contain overwhelming amounts of highly sensitive personal information. Even if some of that data is not stored on the device, the iPhone itself or the data inside can work as a key to other many things from bank accounts to private family life. While there are many possible vectors of attack, the attacker will always try exploiting the weakest link. Learn to think like one, find the weakest link and eliminate the potential vulnerabilities before they are exploited. This guide comes from the forensic guys making tools for the law enforcement, helping the good guys break into the bad guys’ iPhones.
👉 https://blog.elcomsoft.com/2020/09/playing-devils-advocate-iphone-anti-forensics/
#dfir #mobilesecurity #iossecurity #antiforensics #icloud #password #iphone
Everyone’s iPhones contain overwhelming amounts of highly sensitive personal information. Even if some of that data is not stored on the device, the iPhone itself or the data inside can work as a key to other many things from bank accounts to private family life. While there are many possible vectors of attack, the attacker will always try exploiting the weakest link. Learn to think like one, find the weakest link and eliminate the potential vulnerabilities before they are exploited. This guide comes from the forensic guys making tools for the law enforcement, helping the good guys break into the bad guys’ iPhones.
👉 https://blog.elcomsoft.com/2020/09/playing-devils-advocate-iphone-anti-forensics/
#dfir #mobilesecurity #iossecurity #antiforensics #icloud #password #iphone
Elcomsoft Phone Breaker 9.63 – maintenance release
Elcomsoft Phone Breaker 9.63 fixes a number of small but annoying bugs, making the usage experience smoother. With support for iCloud backups and the largest number of synced data categories, Elcomsoft Phone Breaker remains an acquisition tool in a class of its own.
👉 https://www.elcomsoft.com/news/764.html
#ios #iphone #mobileforensics #dfir #icloud #passwords
Elcomsoft Phone Breaker 9.63 fixes a number of small but annoying bugs, making the usage experience smoother. With support for iCloud backups and the largest number of synced data categories, Elcomsoft Phone Breaker remains an acquisition tool in a class of its own.
👉 https://www.elcomsoft.com/news/764.html
#ios #iphone #mobileforensics #dfir #icloud #passwords
The Forensic View of iMessage Security
Apple iMessage is an important communication channel and an essential part of forensic acquisition efforts. iMessage chats are reasonably secure. Your ability to extract iMessages as well as the available sources of extraction will depend on several factors. Let’s discuss the factors that may affect your ability to extract, and what you can do to overcome them.
👉 https://blog.elcomsoft.com/2020/10/the-forensic-view-of-imessage-security/
#ios #imessage #mobilesecurity #mobileforensics #dfir #icloud
Apple iMessage is an important communication channel and an essential part of forensic acquisition efforts. iMessage chats are reasonably secure. Your ability to extract iMessages as well as the available sources of extraction will depend on several factors. Let’s discuss the factors that may affect your ability to extract, and what you can do to overcome them.
👉 https://blog.elcomsoft.com/2020/10/the-forensic-view-of-imessage-security/
#ios #imessage #mobilesecurity #mobileforensics #dfir #icloud
Protecting iMessage Communications
How secure are your chats in your favorite instant messenger? Can someone intercept and read your secret conversations, and can you do something about it? Apple users have access to the highly popular instant messaging system, the iMessage. But how secure it really is? Let’s find out.
👉 https://blog.elcomsoft.com/2020/11/protecting-imessage-communications/
#mobilesecurity #chats #dfir #imessage #icloud
How secure are your chats in your favorite instant messenger? Can someone intercept and read your secret conversations, and can you do something about it? Apple users have access to the highly popular instant messaging system, the iMessage. But how secure it really is? Let’s find out.
👉 https://blog.elcomsoft.com/2020/11/protecting-imessage-communications/
#mobilesecurity #chats #dfir #imessage #icloud
Apple Scraps End-to-End Encryption of iCloud Backups
Reportedly, Apple dropped plan for encrypting backups after FBI complained. Apple’s decision will undoubtedly cause turmoil and will have a number of consequences. In this article, I want to talk about the technical reasons for encrypting or not encrypting cloud backup, and compare Apple’s approach with the data encryption strategies used by Google, who have been encrypting Android backups for several years.
👉 https://blog.elcomsoft.com/2021/01/apple-scraps-end-to-end-encryption-of-icloud-backups/
#dfir #cybersecurity #mobileforensics #e2ee #icloud
Reportedly, Apple dropped plan for encrypting backups after FBI complained. Apple’s decision will undoubtedly cause turmoil and will have a number of consequences. In this article, I want to talk about the technical reasons for encrypting or not encrypting cloud backup, and compare Apple’s approach with the data encryption strategies used by Google, who have been encrypting Android backups for several years.
👉 https://blog.elcomsoft.com/2021/01/apple-scraps-end-to-end-encryption-of-icloud-backups/
#dfir #cybersecurity #mobileforensics #e2ee #icloud
End-to-End Encryption in Apple iCloud, Google and Microsoft Accounts
The proliferation of always connected, increasingly smart devices had led to a dramatic increase in the amount of highly sensitive information stored in manufacturers’ cloud accounts. Apple, Google, and Microsoft are the three major cloud providers who also develop their own hardware and OS ecosystems. In this report, we’ll see how these companies protect their users’ highly sensitive information compared to each other.
👉 https://blog.elcomsoft.com/2021/01/end-to-end-encryption-in-apple-icloud-google-and-microsoft-accounts/
#e2ee #icloud #google #microsoftaccount #apple #cloudsecurity #datasecurity
The proliferation of always connected, increasingly smart devices had led to a dramatic increase in the amount of highly sensitive information stored in manufacturers’ cloud accounts. Apple, Google, and Microsoft are the three major cloud providers who also develop their own hardware and OS ecosystems. In this report, we’ll see how these companies protect their users’ highly sensitive information compared to each other.
👉 https://blog.elcomsoft.com/2021/01/end-to-end-encryption-in-apple-icloud-google-and-microsoft-accounts/
#e2ee #icloud #google #microsoftaccount #apple #cloudsecurity #datasecurity
The Inception of Elcomsoft Phone Breaker
It’s been 10 years since we have released one of our flagship products, Elcomsoft Phone Breaker. The first version appeared in April 2011, and was named “iPhone Password Breaker”. Since then, we made tons of improvements. The tool lost the “iPhone” designation, and the “Password” part was dropped from its name because it was no longer limited to iPhones or passwords. Today, the tool can offer unmatched features for the mobile forensic specialists.
👉 https://blog.elcomsoft.com/2021/05/the-inception-of-elcomsoft-phone-breaker/
#iphone #ios #icloud #mobileforensics
It’s been 10 years since we have released one of our flagship products, Elcomsoft Phone Breaker. The first version appeared in April 2011, and was named “iPhone Password Breaker”. Since then, we made tons of improvements. The tool lost the “iPhone” designation, and the “Password” part was dropped from its name because it was no longer limited to iPhones or passwords. Today, the tool can offer unmatched features for the mobile forensic specialists.
👉 https://blog.elcomsoft.com/2021/05/the-inception-of-elcomsoft-phone-breaker/
#iphone #ios #icloud #mobileforensics
Hey Dude, Where Is My iCloud Data?
by Vladimir Katalov
For more than ten years, we’ve been exploring iPhone backups, both local and iCloud, and we know a lot about them. Let’s reveal some secrets about the different types of backups and how they compare to each other.
👉 https://blog.elcomsoft.com/2021/05/hey-dude-where-is-my-icloud-data/
#icloud #cloudforensics #phonebreaker
by Vladimir Katalov
For more than ten years, we’ve been exploring iPhone backups, both local and iCloud, and we know a lot about them. Let’s reveal some secrets about the different types of backups and how they compare to each other.
👉 https://blog.elcomsoft.com/2021/05/hey-dude-where-is-my-icloud-data/
#icloud #cloudforensics #phonebreaker
iOS 15 Forensic Implications: Temporary iCloud Backups
One of the main problems of iCloud forensics (unknown account passwords aside) is the sporadic nature of cloud backups. Experts often find out that a given user either does not have device backups in their iCloud account at all, or only has a very old backup. This happens primarily because of Apple’s policy of only granting 5GB of storage to the users of the free tier. While users can purchase additional storage for mere 99 cents a months, very few do so. iCloud Photos, downloads and other data quickly fill up the allotted storage space, leaving no space for a fresh cloud backup.
👉 https://blog.elcomsoft.com/2021/08/ios-15-forensic-implications-temporary-icloud-backups/
#ios #mobileforensics #icloud #cloudforensics #iphone
One of the main problems of iCloud forensics (unknown account passwords aside) is the sporadic nature of cloud backups. Experts often find out that a given user either does not have device backups in their iCloud account at all, or only has a very old backup. This happens primarily because of Apple’s policy of only granting 5GB of storage to the users of the free tier. While users can purchase additional storage for mere 99 cents a months, very few do so. iCloud Photos, downloads and other data quickly fill up the allotted storage space, leaving no space for a fresh cloud backup.
👉 https://blog.elcomsoft.com/2021/08/ios-15-forensic-implications-temporary-icloud-backups/
#ios #mobileforensics #icloud #cloudforensics #iphone
Cloud Forensics: the New Reality
The majority of mobile devices today are encrypted throughout, making extractions difficult or even impossible for major platforms. Traditional attack vectors are becoming a thing of the past with encryption being moved into dedicated security chips, and encryption keys generated on first unlock based on the user’s screen lock passwords. Cloud forensics is a great alternative, often returning as much or even more data compared to what is stored on the device itself.
👉 https://blog.elcomsoft.com/2021/09/cloud-forensics-the-new-reality/
#icloud #iphone #cloudforensics #iossecurity #mobileforensics
The majority of mobile devices today are encrypted throughout, making extractions difficult or even impossible for major platforms. Traditional attack vectors are becoming a thing of the past with encryption being moved into dedicated security chips, and encryption keys generated on first unlock based on the user’s screen lock passwords. Cloud forensics is a great alternative, often returning as much or even more data compared to what is stored on the device itself.
👉 https://blog.elcomsoft.com/2021/09/cloud-forensics-the-new-reality/
#icloud #iphone #cloudforensics #iossecurity #mobileforensics
iCloud Extractions Without Passwords and Tokens: When a Trusted Device is Enough
A lot of folks (and even some law enforcement experts) are looking for a one-click solution for mobile extractions and data decryption. Unfortunately, in today’s day and age there are no ‘silver bullet’ solutions. In the days of high-tech mobile devices and end-to-end encryption one must clearly understand the available options, and plan their actions accordingly. The time of ‘snake oil’ exploits is long gone. The modern world of mobile forensics is complex, and your actions will depend on a lot of factors. Today, we’re going to make your life a notch more complex by introducing a new iCloud authentication option you’ve never heard of before.
👉 https://blog.elcomsoft.com/2021/10/icloud-extractions-without-passwords-and-tokens-when-a-trusted-device-is-enough/
#ios #icloud #2fa #dfir #cloudsecurity #cloudforensics
A lot of folks (and even some law enforcement experts) are looking for a one-click solution for mobile extractions and data decryption. Unfortunately, in today’s day and age there are no ‘silver bullet’ solutions. In the days of high-tech mobile devices and end-to-end encryption one must clearly understand the available options, and plan their actions accordingly. The time of ‘snake oil’ exploits is long gone. The modern world of mobile forensics is complex, and your actions will depend on a lot of factors. Today, we’re going to make your life a notch more complex by introducing a new iCloud authentication option you’ve never heard of before.
👉 https://blog.elcomsoft.com/2021/10/icloud-extractions-without-passwords-and-tokens-when-a-trusted-device-is-enough/
#ios #icloud #2fa #dfir #cloudsecurity #cloudforensics
The Five Ways to Recover iPhone Deleted Data
iOS security model offers very are few possibilities to recover anything unless you have a backup, either local or one from the cloud. There are also tricks allowing to recover some bits and pieces even if you don’t. In this article we’ll talk about what you can and what you cannot recover in modern iOS devices.
Before we begin, I highly recommend reading our previous article aimed at demystifying bogus claims made by some unscrupulous vendors of data recovery tools: The iPhone Data Recovery Myth: What You Can and Cannot Recover. Below are the types of data you can actually recover.
👉 https://blog.elcomsoft.com/2021/11/the-five-ways-to-recover-iphone-deleted-data/
#ios #icloud #iphone #backup #syncedfiles #deletedrecords
iOS security model offers very are few possibilities to recover anything unless you have a backup, either local or one from the cloud. There are also tricks allowing to recover some bits and pieces even if you don’t. In this article we’ll talk about what you can and what you cannot recover in modern iOS devices.
Before we begin, I highly recommend reading our previous article aimed at demystifying bogus claims made by some unscrupulous vendors of data recovery tools: The iPhone Data Recovery Myth: What You Can and Cannot Recover. Below are the types of data you can actually recover.
👉 https://blog.elcomsoft.com/2021/11/the-five-ways-to-recover-iphone-deleted-data/
#ios #icloud #iphone #backup #syncedfiles #deletedrecords
Elcomsoft Phone Breaker 10.1: bugfix and maintenance release
Elcomsoft Phone Breaker 10.1 fixes bugs and improves compatibility, adding support for macOS 12 Monterey and the ability to extract Apple Maps data from end-to-end encrypted containers.
👉 https://www.elcomsoft.com/news/801.html
#icloud #applemaps #monterey #cloudforensics #dfir #epb
Elcomsoft Phone Breaker 10.1 fixes bugs and improves compatibility, adding support for macOS 12 Monterey and the ability to extract Apple Maps data from end-to-end encrypted containers.
👉 https://www.elcomsoft.com/news/801.html
#icloud #applemaps #monterey #cloudforensics #dfir #epb
Dude, Where Are My Messages?
Cloud backups are an invaluable source of information whether you download them from the user’s iCloud account or obtain directly from Apple. But why some iCloud backups miss essential bits and pieces of information such as text messages, particularly iMessages? The answer is “end-to-end encryption”, and there’s more to it than just backups.
👉 https://blog.elcomsoft.com/2022/02/dude-where-are-my-messages/
#sms #imessage #icloud #dfir #mobileforensics #phonebreaker
Cloud backups are an invaluable source of information whether you download them from the user’s iCloud account or obtain directly from Apple. But why some iCloud backups miss essential bits and pieces of information such as text messages, particularly iMessages? The answer is “end-to-end encryption”, and there’s more to it than just backups.
👉 https://blog.elcomsoft.com/2022/02/dude-where-are-my-messages/
#sms #imessage #icloud #dfir #mobileforensics #phonebreaker
Logical Acquisition: Not as Simple as It Sounds
Speaking of mobile devices, especially Apple’s, “logical acquisition” is probably the most misused term. Are you sure you know what it is and how to properly use it, especially if you are working in mobile forensics? Let us shed some light on it.
👉 https://blog.elcomsoft.com/2022/06/logical-acquisition-not-as-simple-as-it-sounds/
#ios #iphone #icloud #itunes #dfir #mobileforensics #logicalacquisition
Speaking of mobile devices, especially Apple’s, “logical acquisition” is probably the most misused term. Are you sure you know what it is and how to properly use it, especially if you are working in mobile forensics? Let us shed some light on it.
👉 https://blog.elcomsoft.com/2022/06/logical-acquisition-not-as-simple-as-it-sounds/
#ios #iphone #icloud #itunes #dfir #mobileforensics #logicalacquisition
iCloud backups: the Dark Territory
Apple ecosystem includes a comprehensive backup ecosystem that includes both local and cloud backups, and data synchronization with end-to-end encryption for some categories. Today we’ll discuss the iCloud backups, particularly targeting issues that are not covered in the official documentation.
👉 https://blog.elcomsoft.com/2022/07/icloud-backups-the-dark-territory/
#epb #e2ee #icloud #icloudbackup
Apple ecosystem includes a comprehensive backup ecosystem that includes both local and cloud backups, and data synchronization with end-to-end encryption for some categories. Today we’ll discuss the iCloud backups, particularly targeting issues that are not covered in the official documentation.
👉 https://blog.elcomsoft.com/2022/07/icloud-backups-the-dark-territory/
#epb #e2ee #icloud #icloudbackup
Elcomsoft Phone Breaker 10.12: better compatibility, iCloud-related improvements
Elcomsoft Phone Breaker 10.12 fixes bugs and improves compatibility with Windows 11, macOS 12 and 13. The new build also improves compatibility with iOS 16 backups and recognizes iCloud backups created by iPhone 14 series and iPhone SE 2022 devices.
👉 https://www.elcomsoft.com/news/823.html
#phonebreaker #dfir #mobileforensics #icloud #ios16
Elcomsoft Phone Breaker 10.12 fixes bugs and improves compatibility with Windows 11, macOS 12 and 13. The new build also improves compatibility with iOS 16 backups and recognizes iCloud backups created by iPhone 14 series and iPhone SE 2022 devices.
👉 https://www.elcomsoft.com/news/823.html
#phonebreaker #dfir #mobileforensics #icloud #ios16
Cloud Forensics: Obtaining iCloud Backups, Media Files and Synchronized Data
Apple offers by far the most sophisticated solution for backing up, restoring, transferring and synchronizing data across devices belonging to the company’s ecosystem. Apple iCloud can store cloud backups and media files, synchronize essential information between Apple devices, and keep highly sensitive information such as Health and authentication credentials securely synchronized. In this article we’ll explain what kinds of data are stored in iCloud and what you need to access them.
👉 https://blog.elcomsoft.com/2022/11/cloud-forensics-obtaining-icloud-backups-media-files-and-synchronized-data/
#cloudforensics #PhoneBreaker #EPB #iCloud #backup #iOS #dfir
Apple offers by far the most sophisticated solution for backing up, restoring, transferring and synchronizing data across devices belonging to the company’s ecosystem. Apple iCloud can store cloud backups and media files, synchronize essential information between Apple devices, and keep highly sensitive information such as Health and authentication credentials securely synchronized. In this article we’ll explain what kinds of data are stored in iCloud and what you need to access them.
👉 https://blog.elcomsoft.com/2022/11/cloud-forensics-obtaining-icloud-backups-media-files-and-synchronized-data/
#cloudforensics #PhoneBreaker #EPB #iCloud #backup #iOS #dfir
Elcomsoft Phone Viewer 5.40 updated for iOS 16
Elcomsoft Phone Viewer gains full support for the updated local and cloud backup formats introduced in iOS 16. The tool can now display the content of iTunes and iCloud backups and synchronized data produced by devices running the new OS. In addition, Elcomsoft Phone Viewer 5.40 adds support for file system images obtained from devices running iOS 16.
👉 https://www.elcomsoft.com/news/825.html
#EPV #iCloud #iOS16 #dfir #mobileforensics
Elcomsoft Phone Viewer gains full support for the updated local and cloud backup formats introduced in iOS 16. The tool can now display the content of iTunes and iCloud backups and synchronized data produced by devices running the new OS. In addition, Elcomsoft Phone Viewer 5.40 adds support for file system images obtained from devices running iOS 16.
👉 https://www.elcomsoft.com/news/825.html
#EPV #iCloud #iOS16 #dfir #mobileforensics
Apple iCloud Acquisition: A Lifeline for Forensic Experts
Acquiring data from locked, broken, or inaccessible devices poses significant challenges. However, there are ways to retrieve valuable information from such devices by obtaining the data from iCloud, including old data that has been deleted with no chance of recovery. In this article, we will explore the classic acquisition methods available for iOS devices and focus on the crucial role of Apple iCloud in forensic investigations.
👉 https://blog.elcomsoft.com/2023/07/apple-icloud-acquisition-a-lifeline-for-forensic-experts/
#AdvancedDataProtection #cloudforensics #digitalevidence #EPB #iCloud
Acquiring data from locked, broken, or inaccessible devices poses significant challenges. However, there are ways to retrieve valuable information from such devices by obtaining the data from iCloud, including old data that has been deleted with no chance of recovery. In this article, we will explore the classic acquisition methods available for iOS devices and focus on the crucial role of Apple iCloud in forensic investigations.
👉 https://blog.elcomsoft.com/2023/07/apple-icloud-acquisition-a-lifeline-for-forensic-experts/
#AdvancedDataProtection #cloudforensics #digitalevidence #EPB #iCloud