Apple recently released their new iOS 10 software along with the iPhone 7 and 7 Plus and now it would appear that some backups of the software are less secure since the update.
According to security company Elcomsoft, the backups in iOS 10n are easier to access than previous versions of iOS.
When working on an iOS 10 update for Elcomsoft Phone Breaker, we discovered an alternative password verification mechanism added to iOS 10 backups. We looked into it, and found out that the new mechanism skips certain security checks, allowing us to try passwords approximately 2500 times faster compared to the old mechanism used in iOS 9 and older.
Apple has acknowledged the issue and have said they are working on a fix, the problem apparently does not affect iCloud backups, you can see a statement from Apple below.
“We’re aware of an issue that affects the encryption strength for backups of devices on iOS 10 when backing up to iTunes on the Mac or PC. We are addressing this issue in an upcoming security update. This does not affect iCloud backups,” an Apple spokesperson said. “We recommend users ensure their Mac or PC are protected with strong passwords and can only be accessed by authorized users. Additional security is also available with FileVault whole disk encryption.”
As soon as we get some more details on when Apple will be releasing a software update to fix this issue, we will let you guys know.
Source 9 to 5 Mac
