Apple’s image as a security-first company has taken a beating with a new report which alleges that the company has lowered its safety standards in iOS 10. The software is apparently much easier to hack than iOS 9.
This surprising bit of information comes courtesy Elcomsoft, a Russian forensics company specializing in selling kits to break into iPhones. The firm discovered an alterative verification mechanism for password-protected manual backups done via iTunes. The new method co-exists with the older one, allowing attackers to crack the code 2500 times faster than the latter.
This is pretty worrying for iPhone users who prefer local backups stored on their computer rather than using iCloud. The new system skips vital security checks which previousl iOS versions went through, making way for a whopping 6 million password guesses to be made per second as opposed to the previous 2400.
Elcomsoft goes as far as to claim that it has an 80% to 90% chance of successfully obtaining the right password thanks to the security hole. Apple for its part has acknowledged the issue. It’s promised to address the problem in an upcoming security update and claims the flaw doesn’t affect iCloud backups.
For now, Apple is recommending Mac and PC owners to protect their computer with a strong password. The tech giant’s latest iOS 10 update had notably solved a previous issue concerning the iPhone 7 wherein some users lost access to headphone audio controls while their Lightning EarPods and Lightning-to-3.5mm adapter were plugged in.