Thursday, October 22, 2015

Apple repeats to the police: it’s impossible to unlock an iPhone without password

The police is mad with Apple because they refuse to unlock iPhones seized to criminals. They believed Apple would have some kind of master password or backdoor, until the company has confirmed before a judge that this “master password” doesn’t exist, it's simply impossible. We'll also talk today about Android, the “new” attacks to NTP protocol and how the NSA broke the encryption of Internet. Here we go.

Since Apple put on the market the 8 iOS version, in the 90% of iPhones, the police ensures that they are unable to unlock smartphones to access the content without knowing the password. The past Monday Apple confirmed that this is impossible even for them, before a federal judge of the United States who reminded the company their obligation of cooperate with the law forces. Anyway, researchers have proven that is possible to access to an unlocked iPhone in other ways without breaking its encryption.

Adware cousins and brothers

And talking about security in mobile phones, we recommend an interesting research by Eleven Paths about the relationships between the different adwares for Android. So, this malware that appeared to be independent from the rest just belongs to the same authors, discovering that they're using the same certificates or dominions.

It has already been said by José Selvi

We continue with another research born in Spain which hasn't got the attention of the international media until it has been replicated by an American group of researchers: attacks to NTP protocol, the responsible of putting the clocks of our computers in hour. NTP is very bad protected and it's possible to change the hours to make multiples attacks, such as bringing back to life obsolete certificates or cheating in purchases with Bitcoins. Jose Selvi, who was recently interviewed in CIGTR, opened this line of investigation and he's even gone beyond than these researchers, who lend credibility to him in their report.

How the NSA breaks the encryption

We finish, like many times, with a text to expand our knowledge and practice the continuous learning. The teacher Arturo Quirantes, well known by the Spanish hacker community, is the author of “How the NSA deactivated the encryption on Internet"(first part), a funny and didactical text to extend our knowledge about encryption and its related attacks and vulnerabilities, discovered in the last years.

And this is how we finish our Thursday's summary, encouraging our readers because tomorrow is Friday and the weekend is coming.


Post a Comment