It has been revealed that Apple's latest iOS 10 software weaken security systems of the devices and Apple has admitted the security flaw. The iPhone maker revealed that it is aware of the fault and that it would correct the flaw in its next update.
A Russian independent digital forensics company Elcomsoft revealed that the iOS 10 software is easier to hack than its predecessor. Specialists at Elcomsoft were able to bypass security checks on iOS 10 though they also mentioned the hack could only be implemented on local iTunes backup.
The new authentication level in iOS 10 makes the device work faster though the operating system is also more prone to exploits. Due to the security flaw, hackers can easily get access to all backups including bank details, personal information among others. "We are addressing this issue in an upcoming security update. This does not affect iCloud backups," an Apple spokesperson told Forbes.
For the time being, Mac or PC users have been advised to protect their systems with strong passwords that can only be accessed by authorized users. Users can have additional security with FileVault whole disk encryption.
Even though the hack is applicable to local iTunes backup, it is a grave security risk for Apple users as they may end up sharing all backup data with hackers and also users' Keychain Access containing usernames and passwords for websites users frequently visit. Apple's decision to alter the process of encrypting backups made through iTunes has been severely criticized by experts. Security Adviser Per Thorsheim wondered whether the security leak resulting in weakening of privacy was intentional, a stupid glitch or whether developers made a mistake.
It has been revealed that hackers can easily hack into iOS devices by gaining access to computers where the iPad or iPhone backup is stored. Elcomsoft calls this logical acquisition. If a hacker is able to break the password, he/she may be able to decrypt the entire backup content, writes International Business Times.