Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

iTunes Backup Passwords 'Much Easier' to Crack in iOS 10, Apple Working on Fix

RedOrchestra said:
WOW ... the Apple PR department has descended in force to put a lid on this.
Click to expand...

Funny, all I see are the anti-Apple crowd trying to spin this into a serious issue.

- This will be fixed very shortly with the next iOS 10 update (of which there will be many over the next few months). I'd be surprised if this lasts more than a week or two tops.

- During that short time I now have to worry about someone breaking into my home and stealing my computer. Or someone stealing it from work or doing a snatch & grab while I'm riding the train or using it in a coffee shop. Since I've only had that happen once in 30 years (laptop grabbed from a table while I went to get a refill), I think I can survive two weeks.

- Not only does someone need to steal my computer, but they also have to be stealing it for the express purpose of getting my iTunes backup. Let's see, my computer gets stolen. Does it end up in a pawn shop or getting fenced so some druggie can get their next fix? Or does it get sent to some hacker that's looking to get some personal information from me? I think we all know where the vast majority of stolen goods end up.


This is about as minor a security issue as you can get. A serious issue would be something like getting a text or e-mail that if opened/viewed allows remote code injection onto your device to allow a hacker access. Or having a website that if loaded in Safari the same thing happens.
 
  • Like
Reactions: CB1234, Thunderhawks and Weaselboy
Quu said:
I'd imagine this was a big mistake by one of their developers. They should have more code reviews.
Click to expand...

I doubt it. Probably an order from the execs.

Seems like Apple got caught with their hand in the cookie jar.
 
Rigby said:
Why?
Of course not. The backup data never leaves the device unencrypted, regardless whether you use USB or Wifi.
Click to expand...

Likely stupid question here: when you backup to your computer via iTunes, isn't there an option to make the backup UNencrypted? Last I looked, I even thought that was the default. I haven't backed up via iTunes for 3-4 years now because I use laptops with SSDs and those backups are huge.

Second dumb question, people are saying that encrypted backups have the Keychain info inside protected by ONLY the backup password. Does that mean that keychain info is completely unencrypted in an unencrypted backup?

Finally, couldn't the change have been related to the new massive 256GB storage option on the iPhone 7? Maybe the new algorithm allows for better or less CPU-intensive compression of the backup data. Or maybe they just did some tests and the old algorithm was too slow for those huge phones.
 
citysnaps said:
Why would an exec order that? Federighi, Senior VP of Software Engineering? For what purpose? Seems you're suggesting a conspiracy. Details, please...
Click to expand...

The alternative is that one of the programmers made this change. I highly doubt a programmer would make a change like this unless someone told them to.
 
MacRumors said:
As Apple points out, this security oversight is limited to backups created on a Mac or PC and does not affect the security of iCloud backups. Most users likely do not need to worry about this issue as it requires access to the Mac or PC that was used to make the backup.
Click to expand...

Haha yeah with an iCloud backup you have no security. You knowingly put your data in someone else's hands and you can forget about security.
 
bennyf said:
Likely stupid question here: when you backup to your computer via iTunes, isn't there an option to make the backup UNencrypted? Last I looked, I even thought that was the default. I haven't backed up via iTunes for 3-4 years now because I use laptops with SSDs and those backups are huge.

Second dumb question, people are saying that encrypted backups have the Keychain info inside protected by ONLY the backup password. Does that mean that keychain info is completely unencrypted in an unencrypted backup?

Finally, couldn't the change have been related to the new massive 256GB storage option on the iPhone 7? Maybe the new algorithm allows for better or less CPU-intensive compression of the backup data. Or maybe they just did some tests and the old algorithm was too slow for those huge phones.
Click to expand...

Unencrypted backup is the default.

Unencrypted backup does not contain keychain, nor stuff applications say is secret, e.g. Apple Health data.

They mainly converted the backup metadata to be 'standard', i.o.w. use sqlite for storage and Apple's binary playlists for bonus parts of metadata about files. As side effect, they added (for some reason) passwordHash field to the database which is the sha256 hash people are talking about. Oddly enough, most of the data is still encrypted using key derived using PBKDF2 (I think), but there is parallel sha256 hash of password in the database Elcomsoft publicized.
 
nextuser said:
I doubt it. Probably an order from the execs.

Seems like Apple got caught with their hand in the cookie jar.
Click to expand...

nextuser said:
The alternative is that one of the programmers made this change. I highly doubt a programmer would make a change like this unless someone told them to.
Click to expand...

nextuser said:
I don't know.

It's just that the alternative explanation is that the programmers are complete idiots. This was most likely C/Objective-C code that was changed.
Click to expand...
https://en.m.wikipedia.org/wiki/Hanlon's_razor
 
  • Like
Reactions: CB1234 and Hanzu Lao
bennyf said:
Finally, couldn't the change have been related to the new massive 256GB storage option on the iPhone 7? Maybe the new algorithm allows for better or less CPU-intensive compression of the backup data. Or maybe they just did some tests and the old algorithm was too slow for those huge phones.
Click to expand...

If this was a conscious decision then they would have realized this would weaken the security.

But you're still limited by USB 2 transfer speeds. Changing the algorithm won't help there.
[doublepost=1474781944][/doublepost]
C DM said:
https://en.m.wikipedia.org/wiki/Hanlon's_razor
Click to expand...

I am a programmer so I am biased.

I just refuse to believe that a programmer could be do something so stupid.

We're not talking about a PHP or Python programmer or the like, this code probably exists at a lower level.

I don't know perhaps they have a configuration setting:

Security Setting: Weak or Strong

Kind of like that Chucky doll on the Simpsons (Evil or Good setting)

All I'm saying is that this whole thing is very strange
 
  • Like
Reactions: mkeeley and Sasparilla
nextuser said:
If this was a conscious decision then they would have realized this would weaken the security.

But you're still limited by USB 2 transfer speeds. Changing the algorithm won't help there.
[doublepost=1474781944][/doublepost]

I am a programmer so I am biased.

I just refuse to believe that a programmer could be do something so stupid.

We're not talking about a PHP or Python programmer or the like, this code probably exists at a lower level.

I don't know perhaps they have a configuration setting:

Security Setting: Weak or Strong

Kind of like that Chucky doll on the Simpsons (Evil or Good setting)

All I'm saying is that this whole thing is very strange
Click to expand...
I'm somewhat surprised that as programmer you really think that all kinds of simplistic or complex things somehow don't happen in all kinds of software. I've certainly seen and continue to see a full spectrum of it all, which is not unusual at all.
 
  • Like
Reactions: CB1234, 1041958, rmeadejr and 1 other person
Whenever I read articles like this I can't help but think that none of this will realistically ever happen to any of us, nor would there be a reason for anyone to put in the effort to hack into our iTunes backups and get our personal information in the first place :rolleyes:
 
  • Like
Reactions: DaveOP
nextuser said:
If this was a conscious decision then they would have realized this would weaken the security.

But you're still limited by USB 2 transfer speeds. Changing the algorithm won't help there.
[doublepost=1474781944][/doublepost]

I am a programmer so I am biased.

I just refuse to believe that a programmer could be do something so stupid.

We're not talking about a PHP or Python programmer or the like, this code probably exists at a lower level.

I don't know perhaps they have a configuration setting:

Security Setting: Weak or Strong

Kind of like that Chucky doll on the Simpsons (Evil or Good setting)

All I'm saying is that this whole thing is very strange
Click to expand...

Being a programmer is a skill and you are not immune to mistakes.
 
All this worry is unnecessary .

Once quantum computing is perfected, all our current encryption methods will become obsolete
 
Rigby said:
Why?
Click to expand...
Simply because the keychain should be encrypted on the iPhone already and when exporting the keychain that (database?) file should be safe from hackers without any further backup encryption.
I don't know apples apporach here, but what I would expect from a security point of view is like KeePass: an encrypted database that is decrypted only on demand when the user enters their PIN on the phone. That encrypted database file should not be decrypted when backing it up.
[doublepost=1474798564][/doublepost]
FoxMcCloud said:
Allow me to backup my phone to a Time Machine please Apple.
Why is that so difficult?
Click to expand...
Because Apple still lives in the age of the iPod when it comes to syncing. Syncing over iTunes should have been obsolete at the launch of the iPhone 4, but instead the iPhone should offer a Web-Interface over which it can be managed from the Mac/PC. This should be like iTunes just standalone on the device, so the iPhone could also act as a mobile streaming webplayer for any Mac/PC that connects to its webinterface. Also this webinterface could provide output of the GUI to the PC/Mac much like remote access to a Mac/PC.
Unfortunately, if one wants innovation on that level, Apple is not to look at. Blackberry 10 OS provided a lot of such innovation but as people associate BlackBerry with Pre-BB10 devices that never got the attention it deserved and so BB10 is about die a slow death. And, frankly, looking at current trends, I'm afraid professional (prosumer) hardware and software is vanishing from the market as the profit margis there are comparably low since our society slowly dumbs down using software for which they don't even need to be literate. Apple is also discontuing their professional software and hardware slowly but steadily. Bottom line: You should be happy that Apple still offers Network Back Solutions such as a Time Capsule.
 
  • Like
Reactions: Glideslope
cableguy84 said:
All this worry is unnecessary .

Once quantum computing is perfected, all our current encryption methods will become obsolete
Click to expand...
yeh, but until we live in nowadays such question are actual, dont be a dreamer
 
But I'm still using iOS 8 & iTunes 11.4 on my Mac Pro 1,1. Tim threw me under the bus and I can't update.
 
nextuser said:
If this was a conscious decision then they would have realized this would weaken the security.

But you're still limited by USB 2 transfer speeds. Changing the algorithm won't help there.
[doublepost=1474781944][/doublepost]

I am a programmer so I am biased.

I just refuse to believe that a programmer could be do something so stupid.

We're not talking about a PHP or Python programmer or the like, this code probably exists at a lower level.

I don't know perhaps they have a configuration setting:

Security Setting: Weak or Strong

Kind of like that Chucky doll on the Simpsons (Evil or Good setting)

All I'm saying is that this whole thing is very strange
Click to expand...

"I just refuse to believe that a programmer could be do something so stupid."

It's not stupid if the programmer was untrained in encryption and knew nothing about the hows and whys of hashing iteration - it was of course stupid for that programmer to be assigned the task of working on said code. Nowadays it seems managers believe programmers are all the same and interchangeable, regardless of natural skill, experience and training / education. The fault lies there.
 
  • Like
Reactions: RichTeer
Glideslope said:
I never made any reference to an "Evil Plan." :apple:
Click to expand...
Ah, the literalists. A "push to iCloud Backup and storage fees" is not a plan and not evil but rather charitable? Going for people's money isn't evil, it relieves them of the burden that the money represents. Sorry that I got this wrong.
 
nextuser said:
I just refuse to believe that a programmer could be do something so stupid.
Click to expand...
In a roundabout way, you are proving yourself wrong. Imagine you were a (code) supervisor to the programmer that wrote that code. Since you "refuse to believe that a programmer could be do something so stupid", in your position as a supervisor, it would never occur to you to verify whether what your programmer wrote might contain such a mistake.
[doublepost=1474804786][/doublepost]
[AUT] Thomas said:
[doublepost=1474798564][/doublepost]Because Apple still lives in the age of the iPod when it comes to syncing. Syncing over iTunes should have been obsolete at the launch of the iPhone 4, but instead the iPhone should offer a Web-Interface over which it can be managed from the Mac/PC.
Click to expand...
Yeah, without an internet connection we should not be allowed to anything anymore. Your genius idea would prevent us from making a backup when we don't have an internet connection. It would also prevent us to have a local backup which we (a) could create as many backup copies of as we wanted and (b) allow us a faster restore when we don't have a very fast internet connection.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back