31 May, 2013 | FierceMobileIT - http://www.fiercemobileit.com/
Apple's new security system fails to protect files stored in iCloud, says security firm Read more: Apple's new security system fails to protect files stored in iCloud, says security firmApple's (NASDAQ: AAPL) new two-factor authentication system does not apply to iCloud backups, enabling a hacker with a user's Apple ID and password to download and access information stored in iCloud, according to Vladimir Katalov with security firm ElcomSoft. Read more: Apple's new security system fails to protect files stored in iCloud, says security firm - FierceMobileIT http://www.fiercemobileit.com/story/apple-new-security-system-fails-protect-files-stored-icloud-says-security-f/2013-05-31#ixzz2V9p8DSUF Subscribe at FierceMobileIT
30 May, 2013 | TidBITS - http://tidbits.com/
Elcomsoft Details Lapses in Apple’s Two-Factor Authentication ApproachWhen Apple added optional two-factor authentication for Apple IDs recently, many applauded the move (as we did in “Apple Implements Two-Factor Authentication for Apple IDs,” 21 March 2013). Requiring both a static password and a temporary code for logins from new devices reduces the chance of an undesirable party — online criminal, spurned lover, or repressive government — gaining access to your account. Two-factor authentication doesn’t eliminate the possibility of an account being compromised, but it sets the bar significantly higher.
30 May, 2013 | Cult of Mac - http://www.cultofmac.com/
Apple’s Two-Step Authentication Doesn’t Protect Your iCloud BackupsApple's two-step authentication process is designed to make your Apple ID more secure...
30 May, 2013 | CNNExpansión - http://www.cnnexpansion.com/tecnologia/
Las fallas en la seguridad de AppleApple recientemente reforzó su sistema de autenticación en un esfuerzo por impedir los ataques informáticos, pero un nuevo informe revela que la medida de seguridad es deficiente en un rubro importante: su servicio en la nube. Desde marzo, Apple dio a conocer un método opcional de inicio de sesión de "autenticación de doble factor" para la ID de Apple. Es una herramienta de seguridad básica ya utilizada por Google, Facebook y Dropbox que requiere una contraseña y una pieza de datos, como una serie de números enviada a través de un mensaje de texto. Twitter también presentó recientemente un sistema de este tipo a raíz de una serie de ataques a cuentas. Sin embargo, la compañía de software de seguridad ElcomSoft explicó el jueves en un blog que las nuevas medidas implementadas protegen a los usuarios sólo en ciertas situaciones: en la compra de aplicaciones y música, cuando se gestiona una cuenta ID de Apple o al recibir asistencia al cliente. No protege otras informaciones importantes, como fotos y otros archivos almacenados en su servicio iCloud.
30 May, 2013 | iMore.com - http://www.imore.com/
Security Researcher Raises Concerns over Apple's Two-Step AuthenticationCEO Vladimir Katalov of the security software company Elcomsoft has published a post on CrackPassword outlining where he believes Apple’s two-step authentication comes up short. While he admits that the authentication works as advertised and it’s a good idea for people to enable it, he has also identified some areas that he thinks could use some improvement.
14 May, 2013 | InformationWeek - http://www.informationweek.com/
Apple iPhone Decryption Backlog Stymies PoliceApple is overwhelmed by requests from law enforcement agencies to decrypt seized iPhones, and its waiting list is so long that it may take months before new requests get handled. That revelation, first reported by CNET, was gleaned from a search warrant affidavit for a seized iPhone last summer by a federal agent who was investigating a Kentucky man on crack cocaine distribution charges.
10 May, 2013 | CNET - http://news.cnet.com/
Apple deluged by police demands to decrypt iPhonesATF says no law enforcement agency could unlock a defendant's iPhone, but Apple can "bypass the security software" if it chooses. Apple has created a police waiting list because of high demand. [...] Elcomsoft claims its iOS Forensic Toolkit can perform a brute-force cryptographic attack on a four-digit iOS 4 or iOS 5 passcode in 20 to 40 minutes. "Complex passcodes can be recovered, but require more time," the company's marketing literature says.
10 May, 2013 | Cult of Mac - http://www.cultofmac.com/
Apple Decrypts iPhone For the Police, But It Makes Them Wait [Report]Apple Decrypts iPhone For the Police, But It Makes Them Wait.
9 March, 2013 | The Economist - http://www.economist.com/
Picture imperfectA feature introduced several years ago by Canon and Nikon, the two leading camera manufacturers, gives photographers a way to prove, if challenged, that their images have not been manipulated. When a picture is taken, the cameras attach a coded signature that is destroyed if the image is modified and resaved. An intact signature, then, should prove that a photo is genuine. But researchers at ElcomSoft, a computer-security firm based in Moscow, have shown that the system is easily fooled. Counterfeiters can copy an image’s security signature and reapply it after retouching, says Vladimir Katalov, ElcomSoft’s boss.
1 March, 2013 | новости@mail.ru - http://news.mail.ru/
Мурманские криминалисты рассказали о своем центреВ решении вопросов исследования устройств фирмы Apple может помочь программное обеспечение «Elcomsoft iOS Forensic Toolkit», предназначенное для криминалистического исследования устройств на основе Apple iOS и позволяющее производить сбор информации и проводить судебные компьютерные экспертизы устройств iPhone, iPad и iPod производства компании Apple, работающих под управлением iOS версий 3.x, 4.x и iOS 5.0. С помощью данного программного обеспечения возможно получить полный доступ к информации, хранящейся в поддерживаемых устройствах. При производстве судебных компьютерных экспертиз по исследованию устройств фирмы Apple в 2012 году был получен положительный результат, положительный опыт направлен в регионы России.