Archive for the ‘Elcom-News’ Category

Visiting BlackHat and DefCon 2011

Monday, August 22nd, 2011

Yet again, we are back from a couple of conferences organized specially for heavy computer users like us. We are particularly happy that our company was again warmly welcomed by the overseas hacking community – thank you for accepting and visiting our talk – and that FBI didn’t bother us too much during our stay, though they didn’t miss a chance to scare the crap out of Andrey and Vladimir right before their departure back to Moscow.  Apart from that little episode with three-letter guys everything went smoothly.

At Black Hat Andrey made his presentation about iOS encryption and as you may guess it was not the only one talk about iOS on the conference, as the topic is quite popular now.

(more…)

iOS Forensic Toolkit: Keychain Decryption, Logical Acquisition, iOS 4.3.4, and Other Goodies

Monday, July 25th, 2011
 
You might have heard about our new product – iOS Forensic Toolkit. In fact, if you are involved in mobile phone and smartphone forensics, you almost certainly have. In case our previous announcements haven’t reached you, iOS Forensic Toolkit is a set of tools designed to perform physical acquisition of iPhone/iPad/iPod Touch devices and decrypt the resulting images. This decryption capability is unique and allows one to obtain a fully usable image of the device’s file system with the contents of each and every file decrypted and available for analysis. And the fact is, with today’s update, iOS Forensic Toolkit is much more than just that.
 
(more…)

ElcomSoft at Techno Security Conference and AMD Fusion Developer Summit

Tuesday, June 28th, 2011

ElcomSoft had a great time overseas in the US, first at Techno Security Conference in Myrtle Beach, SC and later at AMD Fusion Developer Summit in Bellevue, WA. So it happened to be quite a long visit to the US full of preparations, talks, meetings, new acquaintances, parties and positive emotions (sun and ocean did their work). 

At Techno Security it seemed like we were the only newcomers (maybe partly due to this fact we were so warmly welcomed), as practically everybody knew each other (even visitors) and the whole situation resembled an alumni party in a very positive and friendly atmosphere. (more…)

How to trace criminals on Facebook

Thursday, June 2nd, 2011

Facebook lockThere has already been much said about enhanced federal activity in social networks “including but not limited to Facebook, MySpace, Twitter, Flickr” etc. in order to gather suspects’ information and use it as evidence in investigation. However, far not everybody can understand (neither do three-letter agencies I suppose) how they can represent such info in courts and to what extent it should be trusted. (more…)

ElcomSoft Breaks iPhone Encryption, Offers Forensic Access to File System Dumps

Monday, May 23rd, 2011

ElcomSoft researchers were able to decrypt iPhone’s encrypted file system images made under iOS 4. While at first this may sound as a minor achievement, ElcomSoft is in fact the world’s first company to do this. It’s also worth noting that we will be releasing the product implementing this functionality for the exclusive use of law enforcement, forensic and intelligence agencies. We have a number of good reasons for doing it this way. But first, let’s have a look at perspective.

(more…)

Have you chosen you next smartphone? Why not BlackBerry? :)

Friday, May 20th, 2011

Despite the fact that iPhone and Android keep on biting off greater parts of smartphone market, BlackBerry fans are still there, in spite of its various peculiarities. I won’t compare multi-touch displays, HD cameras, smart sensors, applications or anything like that. I’d rather talk about BlackBerry Desktop Software.  Yes, it can create backups, restore information from backups, and synchronize with Outlook only, period.  But that’s just not enough… (more…)

Nikon Image Authentication System: Compromised

Thursday, April 28th, 2011
ElcomSoft Co. Ltd. researched Nikon’s Image Authentication System, a secure suite validating if an image has been altered since capture, and discovered a major flaw. The flaw allows anyone producing forged pictures that will successfully pass validation with Nikon’s Image Authentication Software. The weakness lies in the manner the secure image signing key is being handled in Nikon digital cameras.
 
The existence of the weakness allowed ElcomSoft to actually extract the original signing key from a Nikon camera. This, in turn, made it possible to produce manipulated images signed with a fully valid authentication signature.
(more…)

EuroForensics Conference 2011

Wednesday, April 6th, 2011

So we are back again from EuroForensics Conference which took place in Istanbul a week ago, and it feels everything went fantastic. All preparations were quick and painless (our special regards to Kaukab Jamal ZUBERI, Bilal YILMAZ, Meryem Parlak, Canan Tas and the whole team of Forensic People), the event went smoothly with a marked emphasis on the first day, when we were almost stunned by crowds of computer forensic specialists, military people in uniform, government and other security researchers (I personally have never seen so many officials at one place before).
 

(more…)

ElcomSoft Opens a Password Store to Sell Passwords Balancing Strength and Memorability

Friday, April 1st, 2011

Great news, ElcomSoft starts Elcomsoft Password Store, an online service to supply customers with guaranteed secure passwords. The new Password Store provides customers a variety of selections, and complies with all industrial and government requirements regarding the length and complexity of passwords being sold. As a value-added service, the company offers near-instant recovery of all passwords sold through its Password Store for a nominal fee.

The many different security policies and government regulations make standard practices of choosing passwords inadequate (passwords are too easy to break) or unfeasible (passwords are impossible to memorize, get written on yellow stickers, and get easily hijacked).  To facilitate the needs of its customers, ElcomSoft Co. Ltd. employed its extensive expertise in the areas of information security and password recovery, and offers a service to provide the perfect balance between password strength and memorability. After breaking millions of passwords, the company has inside information on what’s strong, what’s weak, and what’s adequate for every task.

Offering three strength levels and several additional options, ElcomSoft offers an economical way to create passwords perfect for the type of information they protect. Customers can choose passwords that are short and strong, long and extremely strong, or very long and guaranteed unbreakable. For a small extra fee, Password Store customers can choose passwords that are easy to pronounce or quick to memorize, without sacrificing a single bit of security. In addition, ElcomSoft offer a “gift-wrap” option that accompanies every password with a digital authenticity certificate.

As a value-added service, ElcomSoft offers exclusive password recovery service to all customers of its Password Store. For a nominal fee, forgotten passwords can be recovered in an instant. Under no circumstances will the company sell passwords to any third-parties or upload the lists to the three-letter agencies, government or law enforcement officials unless they become our clients and buy their own passwords.

More info at http://www.elcomsoft.com/password_store.html

Cracking BlackBerry backups is now slower… but still possible, thx to GPU acceleration

Friday, December 24th, 2010

If you have read our recent Cracking BlackBerry Backup Passwords article, you should be familiar with encryption implemented in BlackBerry Desktop Software. Just reminding:

In short, standard key-derivation function, PBKDF2, is used in a very strange way, to say the least. Where Apple has used 2’000 iterations in iOS 3.x, and 10’000 iterations in iOS 4.x, BlackBerry uses only one.

So password verification is (was) so fast/simple that we did not care about implementing it on the GPU — modern CPU is able to crack almost 8 million passwords per second (thanks to multi-threading and AES-NI). We would not call that the vulnerability, but still the weak link.

But new versions of BlackBerry Desktop Software have been released reсently (6.0 for Windows and 2.0 for Mac). And as always, there are bad news and there are good news.
(more…)