ElcomSoft's Phone Forensics Software Offers Near Real-Time Access to iCloud Backups

Surprising, since Australians are a pragmatic and level-headed people. I would be further surprised if any US government folks were using this software. I would hope they are exercising due caution and thoughtfulness without the hindrance of political correctness and naivety which tell us that everyone in the world is pretty much OK regardless of nationality and can basically be trusted.

The best option for these kinds of things is homegrown, that way you remove all doubt.

Considering that there are a limited number of mobile phone forensics products, major ones of which are XRY (Sweden), Elcomsoft (Russia) and Cellebrite/UFED (Israel), does the USA have a homegrown mobile forensics software?
 
Considering that there are a limited number of mobile phone forensics products, major ones of which are XRY (Sweden), Elcomsoft (Russia) and Cellebrite/UFED (Israel), does the USA have a homegrown mobile forensics software?

The NSA and other US intelligence services probably have products much more sophisticated than anything commercially available, such as those you mentioned.
 
I sure hope law enforcement has to have a warrant to use this sort of thing.

Not really, the next few months will tell. But right now there are a lot of things cops can do without a warrant until Congress (useless) or the Supreme Court (divided like the country) decide to rule on it.
 
They don't even need a local backup if the user has ever bought anything from the iTunes store. Every song etc. has the ID in plaintext in the 'info' for the file. But that only gets them your user name. They have to dig for your password, unless you are someone dumb enough to store it in a plain text file on the computer they have access to, or something like 1Password with a simple (or worse, no) password.


Oh of course, I didn't mean to imply that it's hard to find an iTunes user ID. They are easily found in songs and iOS apps. People can easily mine for iTunes usernames at torrent trackers or those forums that help you find pirated iOS apps.

Don't get me started with the whole password .txt files. I've seen a few friends of mine that have an unprotected Word document labeled Passwords.docx on the freaking desktop on a computer with autologin enabled!! I haven't seen these people use password managers yet even though I've told them about it. But knowing them, they probably wouldn't put a password on it.
 
One day I dream of my cloud being on my home server at home and having unlimited wireless data for all my devices with gigabit speeds.
 
Apple should be sending the backups encrypted as if it was in iTunes. It's not enabled by default, but it should be if iCloud is being used. But knowing Apple, they wanted it to be easy and painless for the customer to restore an iCloud backup. Apple will need to address this and they're probably going to make you use your iTunes ID username and password + a different encryption key/password to retrieve and unlock the data. More work, but better security.

The funny thing is that this software needs access to the iTunes ID username/password. If not, they don't have access. And they say it's trivial to get the iTunes ID. All they need is the unencrypted local backups in iTunes. Again, they need to get into your machine to get that data. How they get local backups is beyond me, but if they have local access to a computer, then how is it Apple's fault? I agree Apple needs to send the backups encrypted. But that's all they can do. Weak iTunes passwords and backing up your iPhone on trojan-infected machines don't make Apple at fault. And when law enforcement has physical access to your computer, all bets are off. Any computer with any OS without full disk encryption can have the data siphoned easily.

This has nothing to do with Apple, it's all about the laws or lack of them. For most people nothing on their iCloud will cause them any problems but for some it could and I am sure those same people know better. This software is out there because governments want them so they don't have to go to court and get warrants. Should be interesting to see how far Govt. goes in the coming years. UK had some news about 1000 government agents snooping on people's data without reason or authority. :mad:
 
And how exactly are they supposed to fix it? You're so smart I'm sure you have it all figured out. You know exactly how they can fix an issue that requires your private password info or access to your actual hardware.

How about requiring authentication that an iOS device is the one requesting the data?

You can use UDIDs to verify it's an iOS device, maybe even MAC address, and pair those with a specific, unknown User Agent string. Bam.
 
Another security fiasco from Apple putting their users' data at risk. You simply can't trust this company anymore for providing secure robust solutions for their users. They just don't put due effort and involvement in software development.

But what do they care? It's the users' data, not theirs. Theirs is hosted on non-OS X reliable servers. Ask them if anyone uses OS X Lion Server for anything in the backbone of Apple's infrastructure.

MobileMe was equally a security nightmare sending unencrypted information and they've done little to none to fix this. Steve Jobs asked why would you trust us when we brought you MobileMe? He was right, people shouldn't have trusted Apple.

Don't use it then...
 
Umm... not so much, actually ...

I mean yes, such things are out there and have been out there for a long time. If you're a hacker, you can make money wearing a "white hat" or a "black hat". There's no difference between these people at the end of the day, except who they chose to take money from for their hacking skills or knowledge.

The "white hat" crowd likes to sell their tools to law enforcement for big $'s, and claim they're taking the "high road" compared to the other hackers trying to steal your data for personal gain.

But don't fool yourself into thinking the guys selling this stuff won't ever let their secrets leak out to their "black hat" buddies out there. These people share many of the same online discussion forums and such. Not just "anyone" will have access to the tools, but the people who matter will -- the ones who have the skill and motivation to hack you and misuse your data for profit!

The old "If you aren't doing anything wrong, you have nothing to worry about!" line is laughably cliche... Who decides when you're doing something wrong? Is it just YOU, or is it the people in power? On tonight's news, I just heard about a police officer who is finally being investigated because he pulled over a female neighbor he had some kind of personal grudge with, charging her with having an expired license (despite it not actually being expired), plus apparently planting a crack pipe in her car and arresting her on the drug paraphernalia charge. She probably thought SHE had nothing to worry about either, until someone in power decided she was due some punishment ....


Firstly, there have been products available to the forensic community that do this and much more for years now.

You guys need to realize that these tools aren't just freely available to anyone. These tools aren't used until a suspect is arrested and a warrant issued to allow for the search of their electronic devices.

It's funny to see how people get all up in arms about this kinda stuff. They think their rights are going to be violated. This isn't the case. If you aren't doing anything wrong, you have nothing to worry about. Additionally, I'm sure you'd be all in favor of this kinda stuff if your child was kidnapped and a search of the suspect's phone or computer may lead to the safe return of your child.

This isn't something that Apple can or will patch.
 
Firstly, there have been products available to the forensic community that do this and much more for years now.

You guys need to realize that these tools aren't just freely available to anyone. These tools aren't used until a suspect is arrested and a warrant issued to allow for the search of their electronic devices.

It's funny to see how people get all up in arms about this kinda stuff. They think their rights are going to be violated. This isn't the case. If you aren't doing anything wrong, you have nothing to worry about. Additionally, I'm sure you'd be all in favor of this kinda stuff if your child was kidnapped and a search of the suspect's phone or computer may lead to the safe return of your child.

This isn't something that Apple can or will patch.

Considering that a case just recently went to the Supreme Court on whether or not cops could stick a GPS tracker to your car without a warrant, I think people SHOULD be concerned about their rights being violated.
 
Very interesting post Mark, thanks for the heads up about SpiderOak as well, I'll look 'em up.

----------



Easy there with the caps, tiger. They have a lot of, flashback, ways to get your pass; once they have it, the point is they can track you without you noticing. There are no hardware keys that will ensure that only your devices can access it. Take it easy on the caps.

----------



Typical Apple apologist. Yeah, why would they hold a phone like this and short circuit its antenna? There's nothing wrong with the iPhone antenna but we fixed it in the 4S but there was nothing wrong with it to begin with. It's never Apple's fault. There was a Java vulnerability in OS X, hence the intrusion of the malware.


According to Ars Technica, from their inquiry months ago, iCloud uses SSL encryption on all iCloud data transfers.
 
Cloud Storage-WOW

Cloud storage is a joke and provides no real benefit to the enterprise.

It's not a viable solution for disaster recovery as long as the recovery plan you have implemented is sound.

I can guarantee my customer data will never be compromised. Why? Because I refuse to expose it to the internet. The internet is inherently insecure. Also, there are too many dependencies involved in the transfer of data between you and the Cloud.

I was recently part of a conversation between the president of a cloud storage provider, me and my CEO (I am the CTO). What surprised me the most is she actually believed the hogwash she was spouting. I have been with this company for over 14 years and not a day goes by that I don't develop something new. She told us her engineers could replicate our system in a matter of days. I wanted to slap her silly. She had no idea what functions our proprietary systems performed. It would take a team of 10 30-45 days just to complete the discovery phase on one of our 5 systems. She also stated that the data we uploaded would be 100% safe. Now, I wanted to kick her!

I have done the research. It would take 18-24 months and hundreds of thousands of dollars to move to the cloud, without any real benefit. It would take 7-9 years to recoup the cost of reducing our infrastructure. "Another must have feature of the cloud", (REDUCED INFRASTRUCTURE).

Would any of you really trust sensitive data to a third party who is solely providing this service to produce revenue?
 
Having access to someone's username AND password is something that happens almost never. And this software doesn't and can't get your password remotely over the Internet.

Actually I don't fully understand the purpose of this software other than to hack a user's cloud/cellphone to get other potential passwords. You need a password for this software to even work. It's what happens after you have physical access to a user's computer/cellphone that this software is ever useful.

And after walking through what this actually does I find the software to be almost vaporware and sensationalist bordering on MR spam.

I repeat. This software does not sniff Internet packets.

The impression I get is it basically allows someone to view all the data in an iCloud account on a PC. Simply makes it easier to go through and in legal cases look for evidence.

As you noted this software does no hacking of any kind. It simply downloads an iCloud account when a valid username and password are supplied and outputs it to a usable format on a PC.
 
I can guarantee my customer data will never be compromised. Why? Because I refuse to expose it to the internet. The internet is inherently insecure. Also, there are too many dependencies involved in the transfer of data between you and the Cloud.

So "the internet" is the only way data can get compromised? Interesting. :rolleyes:

Would any of you really trust sensitive data to a third party who is solely providing this service to produce revenue?

In theory, wouldn't someone whose livelihood depends entirely on a specific task be more encouraged to perform it well? ;-)
 
This "software" is merely a legal hacking tool for sale. All packaged up.

Completely disgraceful. This sort of thing should be illegal to sell. Period.

Your government is on the client list over at Elcomsoft. As are most other governments. Including mine.

Peace said:
Actually I don't fully understand the purpose of this software other than to hack a user's cloud/cellphone to get other potential passwords. You need a password for this software to even work. It's what happens after you have physical access to a user's computer/cellphone that this software is ever useful.

Much of the information in iCloud is easy to read. Calendar, contacts, photos. However, the backup of your phone includes hard to decode stuff, like your call history and text messages. The software decodes this, and makes it usable for law enforcement purposes.
 
If they have your password...

This is such ********. Why can't Apple get it together and make it more secure? Millions of people rely on these devices....

As stated they need your username and password or access to an unencrypted backup on your machine to extract the username and password from. This is not exactly a problem at Apple. Theoretically they could force everyone to encrypt their local backups, but then you create a customer service issue. One strange thing is that I believe that Apple clears out passwords on unencrypted backups for mail, does this policy not extend to iCloud?

A policy more people should adopt is disk encryption. Running Lion and a Seagate Momentus XT hard drive there is no noticeable performance hit on my MacBook Pro even with full disk encryption.
 
If you aren't doing anything wrong, you have nothing to worry about.

Tell that to the people who are in jail and didn't do anything wrong.

Additionally, I'm sure you'd be all in favor of this kinda stuff if your child was kidnapped and a search of the suspect's phone or computer may lead to the safe return of your child.

This isn't something that Apple can or will patch.

Talking fear into people's minds so it's easier to give up your rights. People like you make me sick.
You still believe in your government/your country that killed how many people? ;)
 
You guys need to realize that these tools aren't just freely available to anyone. These tools aren't used until a suspect is arrested and a warrant issued to allow for the search of their electronic devices.

Ever heard about the Patriot Act, NSA warrantless wiretapping, amnesty for collaborators of illegal surveillance?

It's funny to see how people get all up in arms about this kinda stuff. They think their rights are going to be violated. This isn't the case. If you aren't doing anything wrong,
...AND have an American-sounding name, AND are not in the wrong place at the wrong time, AND do not take part in any government-critical demonstrations, etc.,
you have nothing to worry about.

You're talking as if you weren't living in a country that has started wars based on absolutely nothing, executed innocent people, abducted and tortured foreign citizens based on a similar-sounding name, and operated prisons on foreign soil where prisoners get neither a lawyer nor a trial.

Additionally, I'm sure you'd be all in favor of this kinda stuff if your child was kidnapped and a search of the suspect's phone or computer may lead to the safe return of your child.

Oh please, not the "think of the children" argument.
 
While it's not exactly a "security flaw" that someone can get your iCloud data with your user name and password, maybe Apple could be a bit more pro-active and send an e-mail when a new device accesses your iCloud account (they already detect when a new device is used to purchase stuff from iTunes and make you put your CVV in again).

If they did this, you'd know if someone had gained access and could then change your password.
 
Another security fiasco from Apple putting their users' data at risk. You simply can't trust this company anymore for providing secure robust solutions for their users. They just don't put due effort and involvement in software development.

But what do they care? It's the users' data, not theirs. Theirs is hosted on non-OS X reliable servers. Ask them if anyone uses OS X Lion Server for anything in the backbone of Apple's infrastructure.

MobileMe was equally a security nightmare sending unencrypted information and they've done little to none to fix this. Steve Jobs asked why would you trust us when we brought you MobileMe? He was right, people shouldn't have trusted Apple.

Dude, they need to know the username+password in order to get in!!

That software seems pretty pointless to me tbh...
And also, shouldn't it be illegal?

The article says "more and more people use that kind of software to acquire user information" etc etc, isn't that illegal..?
 