Your iPhone’s Encrypted Data Can Now Easily Be Cracked

Your iPhone’s Encrypted Data Can Now Easily Be Cracked

Since iOS 4, Apple has been securing your iPhone’s data with 256-bit encryption. That encryption has just been cracked, and just by running a simple program, anyone with access to your handset can access the full data stored even in encrypted iPhone backups.

The software is called the Phone Password Breaker Tool, and using your computer’s GPU for extra encryption-cracking chutzpah, it will smash its way through the encryption of any iPhone… as long as the cracker has access to that iPhone physically.

That’s the good news, because it means that remote cracking of an iPhone — or even cracking an iTunes backup — isn’t possible without the device also being plugged in. The software needs to pluck data like your iPhone’s UDID from the hardware itself to decrypt your iTunes iPhone backups.

In truth, this isn’t really that big of a deal: security begins with physical security, and if a hacker’s got access to both your phone and your computer, the encryption being cracked is really the least of your concerns.

Still, if any of you have been cuckolding a hacker-minded spouse, you might want to wipe the texts from your iPhone before he gets wind of this post… and drops $79 on Phone Password Breaker Tool.

Related
  • prof_peabody

    The word “easily” is incorrect.  

    As described, it’s a long hard process that requires special computing equipment and possession of the iPhone itself.  So if you are working for the Russian Mob or the CIA, you should possibly be worried, but if you are an average citizen of the world, probably not at all.  

  • fff

    If someone has my device, I’m not worried about my backups. I’m worried about them accessing *the actual device.*

  • Vvv850

    So your previous affirmation from a previous article: “if you want your smartphone to be secure, buy an iPhone over an Android device” was a little bit hasty and subjective don’t you think?

  • trrosen

    Wow another completely false and misleading post by Brownlee. His ability to spew crap has no limit.

    The encryption has not been cracked this is a brute force tool it simply tries millions of passwords hoping to find the right one. Oh and it’s only sold to law enforcement. So unless your spouse is a state trooper or in the CIA your pretty safe.

    Note the product does not guarantee it can find a password.

  • melo

    How low can you get? Did you even did the bit of research, like reading the product FAQ? If you did you would see that with some creative password choices, the process can take a lifetime!

    This tool is a *brute-force* cracking tool. Its not something “easy” and magical like you see in the movies. This is reality. Unless someone comes up with a flaw in the encryption code Apple used, you will take years to crack a complex password (not talking about size even, use a larger variety of characters).

    Do your selfs a favor and remove the “easily” word from the title. It makes you look unprofessional and clueless.

    Best regards,

  • hikingmike

    256 bit encryption? Give me a break. Unless there is a flaw like melo said, this isn’t feasible for most people. Something tells me the author hasn’t actually tried this :)

About the author

John BrownleeJohn Brownlee is a Contributing Editor. He has also written for Wired, Playboy, Boing Boing, Popular Mechanics, VentureBeat, and Gizmodo. He lives in Boston with his girlfriend and two parakeets. You can follow him here on Twitter.

(sorry, you need Javascript to see this e-mail address)| Read more posts by .

Posted in News | Tagged: , , |