Less than a month ago, we updated our Elcomsoft Phone Password Breaker tool with the ability to recover master passwords for BlackBerry Password Keeper and BlackBerry Wallet. I have blogged about that and promised the “next big thing” for BlackBerry forensics to be coming soon. The day arrived.
|September 29th, 2011 by Andrey Belenko|
|August 30th, 2011 by Andrey Belenko|
Conferences are good. When attending Mobile Forensics Conference this year (and demoing our iOS Forensic Toolkit), we received a lot of requests for tools aimed at BlackBerry forensics. Sorry guys, we can’t offer the solution for physical acquisition of BlackBerries (yet), but there is something new we can offer right now.
RIM BlackBerry smartphones have been deemed the most secure smartphones on the market for a long, long time. They indeed are quite secure devices, especially when it comes to extracting information from the device you have physical access to (i.e. mobile phone forensics). It is unfortunate, however, that a great deal of that acclaimed security is achieved by “security through obscurity”, i.e. by not disclosing in-depth technical information on security mechanisms and/or their implementation. The idea is to make it more difficult for third parties to analyze. Some of us here at Elcomsoft are BlackBerry owners ourselves, and we are not quite comfortable with unsubstantiated statements about our devices’ security and blurry “technical” documentation provided by RIM. So we dig. Read the rest of this entry »
|August 22nd, 2011 by Olga Koksharova|
Yet again, we are back from a couple of conferences organized specially for heavy computer users like us. We are particularly happy that our company was again warmly welcomed by the overseas hacking community – thank you for accepting and visiting our talk – and that FBI didn’t bother us too much during our stay, though they didn’t miss a chance to scare the crap out of Andrey and Vladimir right before their departure back to Moscow. Apart from that little episode with three-letter guys everything went smoothly.
At Black Hat Andrey made his presentation about iOS encryption and as you may guess it was not the only one talk about iOS on the conference, as the topic is quite popular now.
|August 15th, 2011 by Olga Koksharova|
SANS Information Security Reading Room has recently publicized a whitepaper about iOS security where they mentioned our software – Elcomsoft iOS Forensic Toolkit – in a section about encryption. Kiel Thomas, the author of the whitepaper, explained one more time the main principles of iOS 4 encryption, which became stronger in comparison with iOS 3.x and how our toolkit can bypass new strong algorithms.
In its next part about iTunes Backups Kiel touches upon Elcomsoft Phone Password Breaker which virtually crunches backup passwords at speed of 35000 passwords per second (with AMD Radeon HD 5970) using both brute force and dictionary attacks, here are some benchmarks.
It seems the paper does not miss out on any nuance about iOS 4 and provides practical advice to either avoid or prevent from the depressing outcomes, such as loss of data. Closer to the end of the paper you will also find several sagacious tips for using the devices within organizations, including passcode management, a so called “first line of defense” which according Kiel’s view “can be matched to existing password policies”, however he inclines to use passwords instead of 4 digit passcodes.
And in conclusion the author discovers that smartphone and tablet security measurements resemble the ones of laptops, because they all belong to mobile devices. Find out more details in the source itself: http://www.sans.org/reading_room/whitepapers/pda/security-implications-ios_33724
|July 25th, 2011 by Andrey Belenko|
|June 28th, 2011 by Olga Koksharova|
ElcomSoft had a great time overseas in the US, first at Techno Security Conference in Myrtle Beach, SC and later at AMD Fusion Developer Summit in Bellevue, WA. So it happened to be quite a long visit to the US full of preparations, talks, meetings, new acquaintances, parties and positive emotions (sun and ocean did their work).
At Techno Security it seemed like we were the only newcomers (maybe partly due to this fact we were so warmly welcomed), as practically everybody knew each other (even visitors) and the whole situation resembled an alumni party in a very positive and friendly atmosphere. Read the rest of this entry »
|June 2nd, 2011 by Olga Koksharova|
There has already been much said about enhanced federal activity in social networks “including but not limited to Facebook, MySpace, Twitter, Flickr” etc. in order to gather suspects’ information and use it as evidence in investigation. However, far not everybody can understand (neither do three-letter agencies I suppose) how they can represent such info in courts and to what extent it should be trusted. Read the rest of this entry »
|May 23rd, 2011 by Andrey Belenko|
In our previous blog post we have described how we broke the encryption in iOS devices. One important thing was left out of that article for the sake of readability, and that is how we actually acquire the image of the file system of the device. Indeed, in order to decrypt the file system, we need to extract it from the device first.
|May 23rd, 2011 by Vladimir Katalov|
ElcomSoft researchers were able to decrypt iPhone’s encrypted file system images made under iOS 4. While at first this may sound as a minor achievement, ElcomSoft is in fact the world’s first company to do this. It’s also worth noting that we will be releasing the product implementing this functionality for the exclusive use of law enforcement, forensic and intelligence agencies. We have a number of good reasons for doing it this way. But first, let’s have a look at perspective.
|May 20th, 2011 by Olga Koksharova|
Despite the fact that iPhone and Android keep on biting off greater parts of smartphone market, BlackBerry fans are still there, in spite of its various peculiarities. I won’t compare multi-touch displays, HD cameras, smart sensors, applications or anything like that. I’d rather talk about BlackBerry Desktop Software. Yes, it can create backups, restore information from backups, and synchronize with Outlook only, period. But that’s just not enough… Read the rest of this entry »