Apple has historically been very guarded and secretive. While this is still true today, the company has definitely become more open after Steve Job's death. Quite frankly, the fact that there are now public betas for both iOS and macOS is mind-blowing for the Apple faithful. Last month, the company even launched its first bug bounty program! Why did Apple soften its guarded position? It had to. As the technology market advances, and security becomes a bigger focus, it is not possible to catch all bugs and vulnerabilities in house.
Apple plans to fix a vunerability in iOS 10 discovered by controversial Russian forensics company Elcomsoft that puts iPhones’ security at risk.
Apple added an alternative password verification mechanism to iOS 10, inadvertently weakening the security of local backups, the company said.
Apple is brewing a fix to patch an iOS password flaw that allows credentials to be stolen from backups.
Elcomsoft researcher Oleg Afonin says the flaws mean cracking efforts against iOS 10 backups are 2500 times faster compared to similar efforts against iOS 9. If successful, the attack will grant access to device keychains.
The latest iOS released earlier this month allows six million passwords to be attempted each second compared to 2400 a second against iOS 9, using an Intel i5 processor. Afonin conducted his research using a commercial tool.
A flaw Apple introduced in iOS 10 has made it far easier for password crackers to brute-force data backed up to iTunes, including credentials stored in Keychain.
iOS 10 might be the most secure version of Apple's mobile OS, but Apple reportedly made a serious blunder in its implementation of password verifications for iOS 10 backups to iTunes on Mac and Windows PCs.
When Mac OS X (as it was then called) first moved to a yearly release cycle in 2011, Apple had trouble defining its scope for each release. Lion, the first in this cadence and the first release to pull in a significant number of features from iOS, feels like a half-finished version of Mountain Lion in retrospect. Mavericks stripped out some of previous versions' skeuomorphism and superfluous texture, but the Mac didn’t fully match with iOS 7 until Yosemite came out a year later.