Has Apple Compromised Security for Convenience in iOS 11?
Has Apple compromised security on iOS 11?
In iOS 11, Apple introduced a new way it protects encrypted iOS backups. Unfortunately, this new method has left these files more vulnerable to certain types of attacks, according to ElcomSoft.
The Russian company explains that hackers could access your data must easier with iOS 11 installed on your device because of Apple’s changes.
Before iOS 11, someone would need physical access to your device, plus your passcode, and the password used for the encrypted backup of the device. That last requirement is no longer necessary.
They explain:
The passcode. This is all that’s left of iOS security in iOS 11. If the attacker has your iPhone and your passcode is compromised, you lose your data; your passwords to third-party online accounts; your Apple ID password (and obviously the second authentication factor is not a problem). Finally, you lose access to all other Apple devices that are registered with your Apple ID; they can be wiped or locked remotely. All that, and more, just because of one passcode and stripped-down security in iOS 11.
Apple’s move was undoubtedly one made for convenience. After all, without the actual device and passcode, a hacker still isn’t able to break into your device even with iOS 11 installed. Nonetheless, this is probably something Apple should once again review.
The ElcomSoft report is definitely worth a read.
Are you worried about security in iOS 11? Let us know below.
See also: