Apple, BlackBerry & Windows backups can be hacked [DNA : Daily News & Analysis (India)]
(DNA : Daily News & Analysis (India) Via Acquire Media NewsEdge) Mumbai: Modern smartphones today store literally your whole life - photos, videos, contact information, location data, messaging and email and even financial information.
The problem with these smartphones is that they might not be smart enough to keep this data safe.
Smart devices can reveal a lot to prying eyes. Never before has it been possible to get everything with just one password; but with cloud storage it is possible to download your entire smartphone data through the Internet.
The compromise of your email address that can reset the password of your smartphone now has a lot more importance. Vladimir Katalov is CEO, co-founder and co-owner of ElcomSoft CoLtd - a company that makes password recovery software.
He explained at Nullcon 2014 how this works for three of the four most popular mobile devices:
Apple iCloud Backups: iCloud suggests backing up your iPhone data to Apple servers, which are in fact Amazon or Microsoft servers. But there is only one way to access backup data by design - just restoring the backup directly on to devices, and thus, only via Wi-Fi connection. The truth, however, is everything can be download on to a PC, provided the Apple ID and password are present.
Apart from backups, iCloud can store iTunes, photo stream, contacts, iWork documents, application files and more, which can be accessed either from any device signed up to the account or from icloud.com website.
The reality is different. It is possible to access and download *all* information stored there, by sending specific requests to iCloud.
BlackBerry: Device backups created with BlackBerry Desktop Software were easy enough to analyse. Password protection was there, but also relatively easy to crack. For Blackberry 10 devices, there is a new software: BlackBerry Link. Now there is no device password, but backup is encrypted using BlackBerry ID (and its password), as well as device-specific data, and moreover some specific data that should be obtained from BlackBerry servers (Olympia Service).
By design, it is not possible to restore BB backup to the other device, but only to the same one. But its now possible to hack backups made with BlackBerry Link - having, of course, the ID and password, as well as access to the named service.
Note: BlackBerry themselves can do that, too, regardless of the backup security settings you have.
Windows Phone 8: Not all the data from the device is stored on Windows Cloud, where you can get a list of apps installed, call history, accounts you have set up, IE favourites, media files (photos and videos), all settings and some other data.
Again, by design, you can only restore from backup to the appropriate device (and obviously, only through Wi-Fi). But there is a way to pull all of this information by fooling Microsoft servers about the same way it is done on the Apple iCloud.
(c) 2014 @ 2014 DILIGENT MEDIA CORPORATION LTD. ALL RIGHTS RESERVED
[ Back To TMCnet.com's Homepage ]