Breaking_into_the_iCloud_Keychain.pdf

議程摘要 Abstract Apple iCloud is one of the most popular cloud services (among others like Google, Microsoft, Dropbox), but it is not just the storage. It is being used for iOS devices backups, synced information from devices (from contacts to documents and media files) and much more. The most interesting part of it is the iCloud Keychain, that keeps the most valuable information such as passwords to various accounts: mail, Wi-Fi access points, online banking -- virtually all services you ever used on the iPhone. Credeit card data is there as well. The iCloud Keychain is very well protected from hackers, but there are still some ways to break into it using so-called 'recovery' and 'synced' algorithms. We will show how the scilled hacker (or forensic specialist) can do that, and how two-factor authentication can actually help them, making the iCloud Keychain a bit less secure.