Passware Asserts: Android Backups are Not Any More Secure than iPhone Backups
Computer forensics now have full access to smartphone data – Passware pioneers cracking passwords for Android backups and reveals that the encryption is no stronger than for iPhone backups
MOUNTAIN VIEW, Calif., Oct. 23, 2013 /PRNewswire/ — Passware, Inc., a provider of password recovery, decryption, and electronic evidence discovery software for computer forensics, law enforcement organizations, government agencies, and private investigators, announces that Passware Kit Forensic is the first software to recover passwords for Android backups, which provides computer forensics with full access to a suspect’s smartphone data.
Through a strategic partnership with Oxygen Software, the leading software developer and provider of solutions that extract and analyze data from all types of mobile phones, smartphones, and other devices, computer forensics can now extract, decrypt, and analyze data easily from confiscated devices.
“The proliferation of smartphones throughout the enterprise and among consumers has allowed criminal behavior to go undetected without a tremendous amount of brute-force password checking,” said Dmitry Sumin, CEO of Passware. “Now, due to the expanded capabilities of Passware Kit Forensic to crack Android phones quickly, IT computer forensic professionals can easily gain access to data residing on the most widely used smartphones.”
Until now, there has been no way to automate the recovery of Android backup passwords. Passware Kit’s average speed for cracking them is over 1,300 passwords per second, which is no faster than for iPhone passwords. Acceleration of this speed by up to 20 times is possible if a computer has an NVIDIA or AMD graphic card, and can achieve 26,000 passwords per second with just a single GPU unit. Further acceleration is possible with distributed computing.
“A mobile device itself is not the only source of evidence and in some cases is not available for law enforcement, investigations, and eDiscovery,” said Oleg Fedorov, CEO of Oxygen Forensics. “Now experts need to forensically extract data from all possible sources including backups. Partnering with Passware gives our customers access to password-protected Android and iTunes backups data through a single interface.”
How it Works and Feature Enhancements
Passware Kit Forensic extracts an encryption key from the backup file header and compares it with a hash generated from each password checked. Each password is hashed 10,000 times before it is compared with an encryption key. Passware Kit Forensic manages to perform these operations with 26,000 passwords a second. From a user’s perspective, this is just a regular brute-force password checking process, which can involve dictionaries, Xieve tables, applied password patterns, etc.
The latest version of Passware Kit Forensic includes enhanced features such as:
-- 64-bit version that allows efficient processing of large numbers of files simultaneously, as well as big custom dictionaries -- Password recovery speed improvements for frequently used file types, such as MS Office 2007-2013 documents, and RAR archives -- Instant password reset for Windows Small Business Server and Windows Server 2013 Domain Administrators
Recent Product Demonstrations
The pre-release version of Passware Kit Forensic 13.0 was recently presented at the Swiss IT-Forensic Investigator Conference 2013 (Bern, Switzerland, October 15, 2013) and Digital Investigations Conference 2013 (Zurich, Switzerland, October 16, 2013), the main IT security conferences in Switzerland designed for computer forensic experts, vendors, partners, and sponsors working in digital investigations and e-discovery.
Passware presented on optimizing password recovery, including: cracking passwords for multiple files, working in batch mode, as well as distributed computing, hardware acceleration, and hibernation file analysis.
Pricing and Availability
Passware Kit Forensic is available directly from Passware and a network of resellers worldwide. The price is $995 with one year of free updates. Additional product information and screen shots are available at http://www.lostpassword.com/kit-forensic.htm.
About Passware, Inc.
Founded in 1998, Passware, Inc. is the worldwide leading maker of password recovery, decryption, and electronic evidence discovery software. Law enforcement and government agencies, institutions, corporations and private investigators, help desk personnel, and thousands of private consumers rely on Passware software products to ensure data availability in the event of lost passwords. Passware customers include many Fortune 100 companies and various US federal and state agencies, such as the IRS, US Army, US Department of Defense (DOD), US Department of Justice, US Department of Homeland Security, US Department of Transportation, US Postal Service, US Secret Service, US Senate, and US Supreme Court.
More information about Passware, Inc. is available at http://www.lostpassword.com/. Passware is a privately held corporation with its headquarters in Mountain View, Calif. and a software development and engineering office in Moscow, Russia.
SOURCE Passware, Inc.