Micro Systemation’s XRY app can crack passcodes for iPhones and Android devices within minutes, and is being used by a growing number of law enforcement agencies.
The four-digit
password on Apples iPhone is no match for Micro Systemations XRY application.
The password
on the popular smartphone can probably keep a regular person who finds the
device from breaking into it. However, the software from the Swedish company,
which it sells to law enforcement agencies, can crack the code on an iPhone or
a smartphone running Googles Android mobile operating system within minutes,
as
shown in this video of the application working on
an iPhone 4S.
According to
Micro Systemation, XRY essentially jailbreaks the device in the same manner
that regular jailbreakers do. It then runs every combination of four-digit
passcodes (there are 10,000 of them) until it hits the right one. Once that
happens, all the data on the phone can be accessed, according to the company.
The datafrom
call logs and contacts to messages, files and GPS locationis sent to a PC,
decrypted and then displayed.
Micro
Systemation Marketing Director Mike Dickinson
told Forbes.com that there are no back doors
left open by the device manufacturers that XRY exploits. Instead, the
application finds the same security flaws that regular jailbreakers do when
they seek to get around any restrictions on applications that can be downloaded
onto the smartphone.
The company
spends a lot of time on finding these security flaws, Dickinson saidhalf of
the Micro Systemations 75 employees are in research and development.
Every week, a
new phone comes out with a different operating system, and we have to reverse-engineer
them, he told Forbes. Were constantly chasing the market.
It apparently
is a good business for the company, particularly given the skyrocketing growth
in smartphone sales. The company has doubled the number of employees since
2009, grown revenues 25 percent a year and generated $18 million in 2011, a $6
million jump from the previous year.
The companys
passcode-breaking products are sold in 60 countries, with particular interest
among law enforcement agencies, according to Micro Systemation. Many police
departments in the United States are customers, as is the FBI and the U.S.
military, which Dickinson said is the firms largest customer. About 98 percent
of all police departments in the United Kingdom are customers.
Its a
massive boom industry, the growth in evidence from mobile phones, Dickinson
said. After 20 years or so, people understand they shouldnt do naughty things
on their personal computers, but they still dont understand that about phones.
From an evidential point of view, its of tremendous value.
iPhone users
are strongly encouraged by Apple to put in a four-digit passcode to protect
their smartphones in case their devices are lost or stolen. However, according
to a survey last year by the developer of the iPhone app Big Brother Camera,
many
users arent being particularly wise about the
four numbers they choose.
According to
Daniel Amitay, the 10 most common passcodes used by iPhone users accounted for
15 percent of all the passwords that were analyzed. Amitay said on his Website
in June 2011 that the most common passcodes were 1234, 0000, 2580, 1111, 5555,
5683, 0852, 2222, 1212 and 1998.
Formulaic
passwords are never a good idea, Amitay said, but his analysis found that most
users selected easy-to-guess codes.
Out of the
204,508 codes the app sent back anonymously to Amitay, "1234" was the
most commonly used, with 4.3 percent of the users. The second-most-common code
was "0000," picked by 2.6 percent of the users.
Amitays Big
Brother Camera Security app is designed to let owners know who could be using
the smartphone without permission. The app automatically takes a photo of
anyone using the iPhone in the front-mounted camera; it also collects
information about the passcodes being used to protect the camera app. Amitay
believes theres a strong correlation between the four-digit passcode being
used for the app and the one being used to lock up the iPhone.
Email
Print
