Elcomsoft forensic tool snags iCloud backups without an Apple ID; only works under certain conditions

“Moscow-based Elcomsoft has developed a tool to collect iCloud backup files without knowing a person’s Apple ID, a development intended to help law enforcement analyze seized computers,” Jeremy Kirk reprots for IDG News Service.

“The company, which specializes in forensic tools, said the feature has been incorporated into the forensics edition of Phone Password Breaker, which can crack password-protected backups for Apple and BlackBerry devices,” Kirk reports. “Elcomsoft previously figured out how to access iOS mobile backups remotely without having a person’s actual device. But to do that, law enforcement did need to have a person’s Apple account credentials.”

“The latest development allows investigators to access an iCloud backup without those credentials. It does have limitations, however, as investigators need to have a suspect’s device in hand,” Kirk reports. “Also, when the computer is seized, the suspect has to be logged into the iCloud Control Panel, which is used to manage what data is backed up on a device.”

Read more in the full article here.

16 Comments

  1. I see this as a valuable resource for fighting crime and terrorism. But it is evil none the less as it can equally be used against political opponents and activists, people who want change for the better, as they would see it.

    So really tools I don’t want floating around. Maybe Apple can block this from being used, by patching whatever hole they are exploiting.

    1. It’s easy to say, Derek. Problem is – what do we do differently and who do we get to coordinate the running of the country? Do you know any viable system that does not result in accumulating more and more power and wealth in the hands of the few? Do you know any group of people that has not acted to do precisely that?

      1. “Do you know any group of people that has not acted to do precisely that?”

        Well, the people who want to see the country move back toward States Rights, under the existing power of our Constitution.

        That is the only way to stop an oligarchy covering the whole US.

        1. BoC, your comment I think is shortsighted. Well, “the people who want to see the country move back toward States Rights, under the existing power of our Constitution” (and by association and agreement with that thought, you) do realize that they are also people prone to accumulating power right? Meaning, the power will now start accumulating at the state level, where a few people at the state level will do the same thing that a few people at the federal level are currently doing? I think that is the dilemma that Sean is expressing. In the state’s case, the oligarchy will not exist at the federal level, true but it will start and build at the state level! Don’t you think?

      2. Every civilization his history has risen on hopes then died of self-destruction. Typically someone invades them and takes their resources as well. Such is our incoherent species. I keep trying to inject some sense of hope…

    2. Derek said ” Can we return to trusting our government ever again? ” … who’s ‘we?’ When was the last time the government was ‘trusted’ and by whom? There’s always been distrust of government by various segments of the population to one degree or another, rightly or wrongly. I could cite plenty of historical cases where large groups had good reason to distrust our government going back to Andrew Jackson and before. But of course all of it would be off topic 🙂

        1. Right … We The People … I agree, but not everyone agrees on what even that means, nor have they ever. You chose not to respond to the example of Andrew Jackson for whom Native Americans were not “The People” when he ordered their mass extermination, nor were Japanese Americans “The People” when they were interned during WWII. My point is only that those who focus on Obama as if he’s suddenly responsible for a government that oversteps its constitutional authority (in their opinion) are not learning from history. Anyone can slam a president they don’t like. Why single out the current one? … No the government is not suddenly more evil and overarching than it’s ever been.

          1. My personal POV is that we have maximum choice with maximum responsibility for the results of those choices. I consider it a ‘positive’ form of anarchy. It’s an ideal. I’ll stop there as I have a lot to say on the topic.

            I didn’t choose ‘not to respond to the example of Andrew Jackson….’ I don’t appreciate assumptions about me. You mentioned his name and you expected me to be an historian on the subject. That’s not a useful approach to interacting with people.

            I choose to point out that mankind consistently has a scapegoat in every culture. I have no idea why. It’s not how I think. I have very little interest in thinking like other people because I see the consequences, possibly more clearly than you. But since I’m not being allowed to feel comfortable chatting with you and you’ve got a lot to sort out in your mind, I’m going to leave you to it.

            Maybe we can chat another time when you’re not trying to use ME as some sort of scapegoat. In any case, keep growing and learning. There isn’t a lot of wonderful about where mankind is going right now. But it’s there. I enjoy finding it an encouraging it as best I can.

    3. I don’t think we will be trusting this government. Obama’s Justice Department sent US Marshals to confiscate documents concerning Stingray- paid for by the Feds and distributed to law enforcement to hack your phone without probable cause, a warrant, etc.

      After FOIA required release of the docs, the US Marshals showed up and grabbed the docs before they could be seen. It is not just the NSA and the bad guys hacking you- it is a raft of online data miners and officer friendly spoofing a cell tower with a Harris Stingray paid for by the Department of Defense of Homeland (In)Security.

      What a country.

  2. A huge security risk. All they need in order for this to work, is a device logged in to a users iCloud account in order to be able to access the files of that user. Eh, oh, hang on a minute…

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.