RKOV (paradoox) wrote,

Another iCloud Security Hole?

I already posted this to Facebook, but I'm posting it here for a wider / different distribution ...

This came from an email message I received from Elcomsoft.  I have no reason to doubt them.

In our continuous research of Apple cloud services, we discovered yet another bit of synced data that could be invaluable to investigators. It turns out that Apple's cross-device sync of Safari browsing history never destroys entries deleted by the user. As a result, we were able to extract deleted Safari browsing history records going back more than one year. An updated version of Elcomsoft Phone Breaker (6.40 or newer) is required to download the deleted records, while Elcomsoft Phone Viewer 3.25 or newer is needed to view those records.

All you need to download deleted Safari browsing history from iCloud are the user's Apple ID and password or their iCloud authentication token. If you opt for the token, you can bypass two-factor authentication checks.

Elcomsoft Phone Breaker 6.40 is available as a free update to owners of non-expired licensed for previous versions of Elcomsoft Phone Breaker or Elcomsoft Mobile Forensic Bundle.


  • Help with saving stuff from Lunacon

    In case anyone is following here and not on FB: I've created a GoFundMe for the extra expenses in saving stuff from Lunacon. Please help if you…

  • Return of revenge of KB2952664

    So, it seems that Microsoft KB2952664 may actually be more invasive than (I) previously thought. This is the Microsoft snooping / reporting…

  • And the spam / scams continue

    Be careful out there! I received the following email which almost caught me: From: John Worley <john@johnathanworley.com> Date: Fri, Apr…

  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened