Posts Tagged ‘iOS’

New Software Promises iPhone Passwords Without Jailbreak

Monday, August 16th, 2010

A new utility has been released by a Russian software developer who claims it can deliver the passwords stored on an iOS 4-based iPhone without any modification to the device itself. Based in Moscow, the company called “Elcomsoft Proactive Software” has previously specialized in password-cracking software that makes use of video graphics processors in consumer-level systems to conduct its high-volume number crunching and “password recovery.”

The iPhone Password Breaker is not the first attempt by developers to release software that compromises iPhone security; however it is the first that does so without any jailbreaking or other changes to the phone’s embedded OS or firmware.

According to The Register, Elcomsoft legitimately markets this tool as a utility for forensic investigators and positions itself as a partner to global law enforcement. There is likely some question as to whether Elcomsoft will sell its products exclusively to these parties, but a free trial version is currently available for public download at their web site.

Tags: , , ,
Posted in Uncategorized | No Comments »

Apple Security Breach Allows for Total Unauthorized iPhone Access

Monday, August 2nd, 2010

As reported on Gizmodo, an easily exploited security vulnerability has been discovered that affects all iPhones, iPads, and iPod Touches running iOS 3.1.2 and later, including the most recent iOS 4. All that’s potentially necessary to render a device vulnerable to this breach is visiting an online PDF file–an extremely common occurrence. As reported on Gizmodo,

It just requires the user to visit a web address using Safari. The web site can automatically load a simple PDF document, which contains a font that hides a special program. When your iOS device tries to display the PDF file, that font causes something called stack overflow, a technical condition that allows the secret ninja code inside the font to gain complete control of your device.

The result is that, without any user intervention whatsoever, that program can do whatever it wants inside your iPhone, iPod touch or iPad. Anything you can imagine: Delete files, transmit files, install programs running on the background that can monitor your actions… anything can be done.

Until an official fix is issued, experts warn against directly visiting PDF links and opening PDF files from unknown sources.

Tags: , , , , ,
Posted in Uncategorized | No Comments »

Good Technology Standardizes on Mocana to Secure Mobile Offerings

Sunday, July 25th, 2010

Mocana today announced that Good Technology has licensed its NanoCrypto cryptographic engine for use on supported mobile platforms, including iOS, Android, Symbian, Windows Mobile, and Palm webOS. Good for Enterprise enables IT administrators to easily define and distribute configuration profiles and enforce compliance policies for devices using the web-based Good Mobile Control console. With solutions that combine a great user experience with the tools that IT needs to manage and protect its mobile enterprise, Good Technology will implement Mocana’s NanoCrypto as their universal security client, protecting against increasingly sophisticated attacks directed specifically at non-PC smart devices.

Good Technology–whose solutions can be found in some of the most sensitive government and business settings–needed a portable, universal crypto solution and the proven expertise of a smart device security leader. They chose Mocana. NanoCrypto is Mocana’s super-fast, super-small, government-certified cryptographic engine, purpose-built for the entire ecosystem of smart devices, of which smartphones are just one category.

Click here to view the full press release.

Tags: , , , , , , , , ,
Posted in Uncategorized | No Comments »