Backup Passwords for iTunes “Easily Cracked”; Apple Developing on FixBy Sarene Mae Butao, UniversityHerald Reporter
The famous iOS10 is now using a new mechanism in its password verification for iTunes backups. The thing is, the new innovation might be a downside since it could be easier to crack says Elcomsoft, a company that focuses on designs of software that could access iPhone data.
iTunes backups that are encrypted, made on a Mac or PC are usually protected by a password that can potentially be opened with the use of a software designed to crack passwords. The methods of iOS 10 in backing up data hops some security checks which in turn permitting Elcomsoft to back up a password 2500x faster than that of the iOS 9 and older operating systems, MacRumors reported.
This means that Elcomsoft could easily access all the data that the phone has, that includes stored in Keychain, a platform that contains all the users passwords and other sensitive data.
In a Forbes interview, Apple has confirmed that it is aware of this particular problem and is currently looking for a way to fix it.
Apple capitalizes on the idea that this security oversight is only limited to backups that are necessarily built in a Mac and PC which doesn't include and affect the data that is stored in an iCloud storage. According to Apple, iPhone users shouldn't panic since it primarily requires the use of a Mac or a PC in backing up a particular data or password, according to Redmond Pie.
As of the moment, Apple is working on updates for iOS 10 as well as the macOS Sierra, and it is likely that the company will be fixing this issue together with the release of the newest versions of the software. iOS 10.1 and macOS Sierra 10.12.1 are already disseminated to developers as well as beta testers earlier this week so that means that anytime soon, the newest versions will have to be released.