Apple has made a small security change in iOS 11 to make the lives of its users easier but in the process, the company has traded the security of the OS in a big way. As a detailed report from Elcomsoft indicates, the only thing that protects sensitive data on your iPhone is the passcode.
With iOS 10 and prior versions of iOS, even if a hacker knew the passcode of your iPhone, they could not gain access to other sensitive information stored in Keychain, your credit card details, and other important data. With iOS 11 that is no longer the case because if a hacker gets their hands on the passcode of your iPhone, they can easily get their hands on all the sensitive information stored on your device.
In iOS 10 and older versions of the OS, when a user created an encrypted backup of their iPhone for the first time, they’d have to enter a strong password. This password remained the same irrespective of the PC you used to create the backup. So, if you created a local iTunes backup with a password “123” and then a few months later again created a local backup on another machine, the password for this encrypted backup would remain the same: “123.” There was no way to reset this password until and unless one was ready to factory reset their device which would then allow them to set a new password again.
This policy from Apple ended up creating a lot of frustration among iPhone owners who would forget the password of their encrypted backup after initially setting one up when they purchased their device. Thus, starting with iOS 11, Apple allows users to reset this password. The original password cannot be retrieved but for future local backups, a new password can be set. This means that if a hacker knows your iPhone’s passcode, they can create a local backup of your device and then extract important data from it using the various tools available.
For this, the hacker would use the ‘Reset Settings’ option on the iPhone which would reset not only the settings of the device but also the encrypted backup password. Then, they can create a new backup with a new password and then decrypt this backup using various tools to find your sensitive information. This was not possible previously since Apple did not allow users to reset the backup password until and unless they formatted their device which would lead to all data being wiped from the device.
The security risk that this small move from Apple poses is quite serious. Not only can a hacker who knows your iPhone passcode can retrieve your credit card and Google account details, they can also change your Apple ID’s password and reset other iOS devices you own.
[Via Elcomsoft]Like this post? Share it!