Page 3 – Breaking My iPad, Final Thoughts on Phone Breaker, and Pricing
Breaking My iPad
The Phone Breaker has a graphical user interface that is easy to use, and doesn’t require specialized knowledge except knowing what certain things are, and pressing buttons. As long as you have the Apple ID and password in question, you can:
- Download iCloud backups, files, photos, keychains and other synced data
- Decrypt and browse through iTunes backups
- Decrypt a Mac’s FileVault disk
- Extract an authentication token from a non-live macOS system
I started using the tool by creating an encrypted backup of my iPad Air through iTunes. Once that was done, I fired up the Phone Breaker and browsed to the backup image (it fills in the directory path to those files automatically). I entered my backup password, and within seconds I was exploring my iCloud Keychain, as you can see in the image below. It included such things as:
- Apple IDs
- Wi-Fi accounts
- Mail accounts
- Browser passwords: Including creation date, modification date, URL, and username
- Credit cards (which I don’t store)
- DSIDs & Tokens: Stands for Destination Signaling IDentifier [PDF], and is an unique ID assigned to the user when registering at iCloud.com.
You can even create a wordlist of the passwords that can be used in future brute-force attacks on other systems. A wordlist is basically a giant list of passwords used in a dictionary attack to crack passwords. Additionally, the Phone Breaker supports GPU accelerated password cracking, which is faster and more efficient than relying on a CPU.
Decrypting and extracting data from a local iTunes backup was the furthest I wanted to do. I wasn’t keen on breaking into iCloud, and I saw and read enough to come to the conclusion that this is real. For the first time, the sanctity of iCloud Keychain has been breached. I reached out to Apple’s Product Security team for a comment, but they referred me to Apple’s general public relations contact, and they didn’t respond at all.
Phone Break Pricing
How much is the Phone Breaker anyway? There are three editions available for Windows and macOS:
- Home Edition: US$79
- Professional Edition: US$199
- Forensic Edition: US$799
Much of the functionality is only available in the Forensic Edition, such as:
- Supporting Apple IDs with two-step verification and two-factor authentication
- Accessing iCloud without login and password
- Decrypting FileVault 2 hard disks
- Downloading files from iCloud
- Decrypting Blackberry 10 backups
Apple takes security very seriously, but we don’t know what Cupertino thinks of forensic tools such as Elcomsoft’s Phone Breaker. It’s a tool that allows law enforcement like the FBI—or anyone else—to extract more data from iPhones and iPads in their possession–if they have your login credentials. For now, Apple seems to allow it in that they haven’t done anything to stop its use…yet.
And, as Dave Hamilton of The Mac Observer pointed out, there are certain situations where having a tool access your iCloud Keychain might be okay. Maybe you forgot your login and password and need your data. I’ve also read stories in the news where a family wanted to access their loved one’s device, but couldn’t because of the device encryption.