Mubasa ravo, makomputa forensic nyanzvi dzinogara dzichisangana nemakesi kana zvichidikanwa kukurumidza kuvhura smartphone. Semuenzaniso, data kubva pafoni inodiwa nekuferefeta kuitira kuti unzwisise zvikonzero zvekuzviuraya kwevechiri kuyaruka. Mune imwe nyaya, ivo vachabatsira kupinda munzira yeboka rematsotsi rinorwisa vatyairi vemarori. Kune, hongu, nyaya dzakanaka - vabereki vakakanganwa password kune gadget, uye paiva nevhidhiyo ine matanho ekutanga emwana wavo pairi, asi, zvinosuruvarisa, kune vashomanana vavo. Asi ivo vanodawo nzira yehunyanzvi panyaya iyi. Munyaya ino Igor Mikhailov, nyanzvi yeBoka-IB Computer Forensics Laboratory, inotaura nezve nzira dzinobvumira nyanzvi dzezvemberi kudarika iyo smartphone lock.
Zvakakosha: Chinyorwa ichi chakanyorerwa kuongorora kuchengetedzeka kwemapassword uye graphic mapatani anoshandiswa nevaridzi vemidziyo nhare. Kana ukafunga kuvhura nharembozha uchishandisa nzira dzakatsanangurwa, yeuka kuti unoita zviito zvese kuvhura zvishandiso panjodzi yako uye nenjodzi. Paunenge uchishandura nharembozha, unogona kukiya mudziyo, kudzima data remushandisi, kana kuita kuti mudziyo utadze kushanda. Zvinokurudzirwa zvinopihwa zvakare kune vashandisi nezve nzira yekuwedzera mwero wekudzivirira kwemidziyo yavo.
Saka, nzira yakajairika yekudzora kuwana ruzivo rwemushandisi rwuri mumudziyo ndeye kukiya iyo skrini yenharembozha. Kana mudziyo wakadaro uchipinda murabhoritari yeforensic, kushanda nayo kunogona kuve kwakaoma, nekuti kumudziyo wakadaro hazvibviri kumisa iyo USB debugging mode (yemidziyo yeAroid), hazvigoneke kusimbisa mvumo yekuti komputa yemuongorori ibatane neizvi. mudziyo (weApple nharembozha), uye, semhedzisiro, hazvibviri kuwana data rakachengetwa mundangariro yemuchina.
Nyaya yekuti US FBI yakabhadhara mari yakawanda kuti ivhure iPhone yegandanga Syed Farouk, mumwe wevatori vechikamu mukurwiswa kwehugandanga muguta reCalifornia reSan Bernardino, inoratidza kuti yakawanda sei kuvharika kwechivharo chenharembozha kunodzivirira nyanzvi kubva. kuburitsa data kubva mairi [1].
Mobile Device Screen kiinura nzira
Semutemo, kuvhara skrini yenharembozha inoshandiswa:
- Symbolic password
- Graphic password
Zvakare, nzira dzeSmartBlock tekinoroji dzinogona kushandiswa kuvhura chidzitiro chehuwandu hwenharembozha:
- Kiinura zvigunwe
- Kuvhura kumeso (FaceID tekinoroji)
- Vhura mudziyo nekuzivikanwa kweiris
Social nzira dzekuvhura nharembozha
Pamusoro peiyo chete tekinoroji, kune dzimwe nzira dzekuwana kana kukunda iyo PIN kodhi kana graphic kodhi (pattern) yekukiya skrini. Mune zvimwe zviitiko, nzira dzekugarisana nevamwe dzinogona kushanda zvakanyanya kupfuura zvigadziriso zvehunyanzvi uye kubatsira kuvhura zvishandiso zvinokurirwa nekuvandudzwa kwehunyanzvi huripo.
Ichi chikamu chinotsanangura nzira dzekuvhura chidzitiro chenharembozha isingade (kana inongoda zvishoma, chikamu) kushandiswa kwehunyanzvi nzira.
Kuita kurwiswa munharaunda, zvinodikanwa kuti udzidze psychology yemuridzi wemudziyo wakakiyiwa zvakadzama sezvinobvira, kuti unzwisise misimboti yaanogadzira uye kuchengetedza mapassword kana graphic mapatani. Zvakare, muongorori achada donhwe rerombo.
Paunenge uchishandisa nzira dzine chekuita nekufungidzira password, zvinofanirwa kurangarirwa kuti:
- Kuisa mapassword gumi asiri iwo paApple nharembozha kunogona kuita kuti data remushandisi dzidzimwe. Izvi zvinoenderana nekuchengetedza zvigadziriso izvo mushandisi akaisa;
- pane nharembozha dzinomhanyisa iyo Android inoshanda sisitimu, Root yeTrust tekinoroji inogona kushandiswa, izvo zvinozotungamira kune chokwadi chekuti mushure mekupinda makumi matatu asiri iwo mapassword, data yemushandisi inogona kunge isingasvikike kana kudzimwa.
Nzira 1: bvunza password
Zvinogona kuita sezvisinganzwisisike, asi iwe unogona kuwana iyo yekuvhura password nekungobvunza muridzi wemudziyo. Huwandu hunoratidza kuti vangangoita makumi manomwe muzana evaridzi vemidziyo nhare vanoda kugovera password yavo. Kunyanya kana ichizopfupisa nguva yekutsvagisa uye, zvinoenderana, muridzi achadzosa mudziyo wake nekukurumidza. Kana zvisingabviri kubvunza muridzi password (somuenzaniso, muridzi wemudziyo afa) kana kuti anoramba kuzvizivisa, password inogona kuwanikwa kubva kuhama dzake dzepedyo. Sezvo mutemo, hama dzinoziva password kana kuti dzinogona kupa mazano anogoneka.
Kurudziro yekudzivirira: Pasiwedhi yefoni yako kiyi yepasirese kune ese data, kusanganisira yekubhadhara data. Kutaura, kutumira, kunyora munhume pakarepo ipfungwa yakaipa.
Nzira 2: peep password
Iyo password inogona kupepwa panguva iyo muridzi anoshandisa mudziyo. Kunyangwe iwe ukarangarira password (hunhu kana graphic) zvishoma chete, izvi zvinonyanya kuderedza huwandu hwesarudzo dzinogoneka, izvo zvinokutendera kuti uzvifungidzire nekukurumidza.
Musiyano weiyi nzira kushandiswa kweCCTV footage inoratidza muridzi achivhura mudziyo achishandisa patani password [2]. Iyo algorithm inotsanangurwa mubasa "Kupwanya Android Pattern Lock muKuedza Zvishanu" [2], nekuongorora mavhidhiyo akarekodhwa, inokubvumira kufungidzira zvingasarudzwa zve graphic password uye kusunungura chigadzirwa mukuedza kwakati (semutemo, izvi hazvidi zvimwe. kupfuura kuedza kashanu). Maererano nevanyori, "iyo yakanyanya kuoma iyo graphic password, zviri nyore kuitora."
Kurudziro yekudzivirira: Kushandisa graphic kiyi haisi iyo yakanakisa pfungwa. Iyo alphanumeric password yakaoma zvikuru kutarisa.
Nzira 3: tsvaga password
Iyo password inogona kuwanikwa muzvinyorwa zvemuridzi wechigadzirwa (mafaira ari pakombuta, mune diary, pane zvidimbu zvepepa zviri mumagwaro). Kana munhu akashandisa akati wandei nharembozha uye aine mapassword akasiyana, saka dzimwe nguva mukamuri yebhatiri yemidziyo iyi kana munzvimbo iri pakati pekesi ye smartphone nekesi, unogona kuwana zvimedu zvepepa rine mapassword akanyorwa:
Kurudziro yekudzivirira: hapana chikonzero chekuchengeta "notebook" ine mapassword. Iyi ipfungwa yakaipa, kunze kwekunge ese mapassword aya achizivikanwa kuve emanyepo kudzikisa huwandu hwekuyedza kuvhura.
Nzira 4: zvigunwe (Smudge attack)
Iyi nzira inobvumidza iwe kuona dikita-mafuta anoteedzera mawoko pachiratidziro chemudziyo. Iwe unogona kuvaona nekubata chidzitiro chechishandiso nehupfu hwemunwe wakajeka (panzvimbo peiyo yakakosha forensic poda, unogona kushandisa mucheche poda kana imwe kemikari isingashande poda yakatsetseka yechena kana grey ruvara) kana nekutarisa skrini ye mudziyo mune oblique mwaranzi yechiedza. Kuongorora nzvimbo dzehama dzemaoko uye kuva neruzivo rwakawedzerwa nezvemuridzi wechigadzirwa (somuenzaniso, kuziva gore rake rekuzvarwa), unogona kuedza kufungidzira chinyorwa kana graphic password. Aya ndiwo maratidziro akaita dikita-fat layering senge pane smartphone kuratidza muchimiro chemavara ane stylized Z:
Kurudziro yekudzivirira: Sezvatakataura, graphic password haisi zano rakanaka, senge magirazi ane urombo oleophobic coating.
Nzira 5: chigunwe chekugadzira
Kana mudziyo uchikwanisa kuvhurwa nemunwe, uye muongorori aine masampuli emaoko emuridzi wemudziyo, ipapo kopi ye3D yemunwe wemuridzi wemunwe inogona kuitwa pane 3D printer uye inoshandiswa kuvhura mudziyo [XNUMX]:
Kuti uwane kutevedzera kwakazara kwemunwe wemunhu mupenyu - semuenzaniso, kana iyo smartphone's fingerprint sensor ichiri kuona kupisa - iyo 3D modhi inoiswa pa (inotsamira pa) munwe wemunhu mupenyu.
Muridzi wemudziyo wacho, kunyangwe akakanganwa password yekuvhara skrini, anogona kuvhura mudziyo iye pachake achishandisa zvigunwe zvake. Izvi zvinogona kushandiswa mune dzimwe nguva apo muridzi asingakwanise kupa password asi achida kubatsira muongorori kuvhura mudziyo wavo zvakadaro.
Muongorori anofanirwa kurangarira zvizvarwa zvemasensor anoshandiswa mumhando dzakasiyana dzenharembozha. Mhando dzekare dze sensors dzinogona kukonzereswa nechero chigunwe, kwete hazvo muridzi wemudziyo. Mazuva ano ultrasonic sensors, pane zvinopesana, tarisa zvakanyanya uye zvakajeka. Uye zvakare, akati wandei emazuva ano epasi-screen sensors angori CMOS makamera asingakwanise kuongorora kudzika kwemufananidzo, izvo zvinoita kuti zvive nyore kupusa.
Kurudziro yekudzivirira: Kana munwe, ipapo chete ultrasonic sensor. Asi usakanganwa kuti kuisa munwe unopesana nechido chako zviri nyore kupfuura chiso.
Nzira 6: "jerk" (Mug kurwisa)
Iyi nzira inotsanangurwa nemapurisa eBritish [4]. Inosanganisira mukuvanda kutariswa kweanofungirwa. Panguva iyo munhu anofungirwa anokiinura nharembozha yake, mumiririri akapfeka hembe anoibvuta kubva mumaoko emuridzi wodzivirira kuti mudziyo uyu usakiyiwe zvakare kusvika wapihwa nyanzvi.
Kurudziro yekudzivirira: Ndinofunga kana matanho akadaro achizoshandiswa kwauri, saka zvinhu zvakaipa. Asi pano iwe unofanirwa kunzwisisa kuti kuvharika kusingaite kunoderedza nzira iyi. Uye, semuenzaniso, kuramba uchidzvanya bhatani rekuvhara pa iPhone inotanga SOS modhi, iyo mukuwedzera kune zvese inodzima FaceID uye inoda passcode.
Method 7: zvikanganiso mumudziyo wekudzora algorithms
Mumafeed enhau ezviwanikwa zvehunyanzvi, unogona kazhinji kuwana mameseji anotaura kuti zvimwe zviito nemudziyo unovhura skrini yayo. Semuyenzaniso, kukiya chidzitiro chezvimwe midziyo chinogona kuvhurwa nekufona kuri kuuya. Izvo zvisingabatsiri zveiyi nzira ndeyokuti zvisizvo zvakaonekwa, sekutonga, zvinobviswa nokukurumidza nevagadziri.
Muenzaniso wekuvhura nzira yemidziyo nhare yakaburitswa 2016 isati yasvika ndeyekudonha kwebhatiri. Kana bhatiri rakaderera, mudziyo uchavhura uye unokukurudzira kuti uchinje magadzirirwo emagetsi. Muchiitiko ichi, iwe unofanirwa kukurumidza kuenda kune peji ine zvigadziriso zvekuchengetedza uye wodzima kukiya skrini [5].
Kurudziro yekudzivirira: usakanganwa kugadzirisa OS yemudziyo wako nenguva, uye kana isingachatsigirwi, shandura smartphone yako.
Nzira 8: Kusagadzikana muzvirongwa zvebato rechitatu
Kusagadzikana kunowanikwa mune yechitatu-bato maapplication akaiswa pamudziyo anogonawo kupa zvizere kana zvishoma mukana wekuwana data yechinhu chakakiiwa.
Muenzaniso wekusagadzikana kwakadaro ndeyekubiwa kwedata kubva ku iPhone yaJeff Bezos, muridzi mukuru weAmazon. Kusagadzikana muWhatsApp messenger, yakashandiswa nevanhu vasingazivikanwe, zvakakonzera kubiwa kwedata rakavanzika rakachengetwa mundangariro yemudziyo [6].
Kusagadzikana kwakadaro kunogona kushandiswa nevatsvaguri kuzadzisa zvinangwa zvavo - kutora data kubva kumidziyo yakakiyiwa kana kuivhura.
Kurudziro yekudzivirira: Iwe unofanirwa kugadzirisa kwete chete OS, asiwo maapplication aunoshandisa.
Nzira 9: foni yekambani
Makambani enharembozha anogona kuvhurwa nemakambani system administrator. Semuenzaniso, makambani eWindows Foni michina yakabatana nekambani yeMicrosoft Exchange account uye inogona kuvhurwa nevakuru vekambani. Pamidziyo yeApple yemakambani, kune Mobile Device Management sevhisi yakafanana neMicrosoft Exchange. Mamaneja ayo anogona zvakare kuvhura iyo yemubatanidzwa iOS mudziyo. Pamusoro pezvo, nharembozha dzemakambani dzinogona kupetwa chete nemamwe makomputa anotsanangurwa nemutungamiriri mumasetin'i emudziyo. Naizvozvo, pasina kudyidzana nevatungamiriri vehurongwa hwekambani, chishandiso chakadaro hachigone kubatana nekombuta yemuongorori (kana software uye hardware system yekubvisa data data).
Kurudziro yekudzivirira: MDM yakaipa uye yakanaka maererano nedziviriro. Mutungamiri weMDM anogona kugara achigadzirisa mudziyo ari kure. Chero zvazvingaitika, haufanirwe kuchengeta data yakavanzika pamudziyo wekambani.
Nzira 10: ruzivo kubva kune sensors
Kuongorora ruzivo rwakagamuchirwa kubva kune sensors yemuchina, unogona kufungidzira password kune mudziyo uchishandisa yakakosha algorithm. Adam J. Aviv akaratidza kukwanisa kwekurwiswa kwakadaro achishandisa data yakawanikwa kubva ku-smartphone's accelerometer. Mukati mekutsvakurudza, musayendisiti akakwanisa kunyatsoona password yekufananidzira mu43% yezviitiko, uye graphic password - mu 73% [7].
Kurudziro yekudzivirira: Ngwarira kuti ndeapi mapurogiramu aunopa mvumo yekutevera masensa akasiyana.
Method 11: face unlock
Sezvineiwo zvechigunwe, budiriro yekuvhura mudziyo uchishandisa FaceID tekinoroji zvinoenderana nekuti ndeapi masensa uye ndeapi masvomhu anoshandiswa mune imwe nharembozha. Nokudaro, mubasa re "Gezichtsherkenning op smartphone niet altijd veilig" [8], vatsvakurudzi vakaratidza kuti mamwe emafoni akadzidzwa akavhurwa nekungoratidza mufananidzo wemuridzi kukhamera ye smartphone. Izvi zvinogoneka kana imwe chete yekumberi kamera ichishandiswa kuvhura, iyo isingakwanise kuongorora kudzika kwemifananidzo data. Samsung, mushure mezvinyorwa zvepamusoro-soro uye mavhidhiyo paYouTube, yakamanikidzwa kuwedzera yambiro kune firmware yemafoni ayo. Face Kiinura Samsung:
More advanced smartphone modhi inogona kuvhurwa uchishandisa mask kana mudziyo wega-kudzidza. Semuenzaniso, iyo iPhone X inoshandisa yakakosha tekinoroji yeTrueDepth [9]: purojekita yechishandiso, uchishandisa makamera maviri uye infrared emitter, mapurojekiti gidhi rine anopfuura zviuru makumi matatu mapoinzi pachiso chemuridzi. Mudziyo wakadaro unogona kuvhurwa uchishandisa chifukidzo chine makondiremu anoteedzera kutariswa kwechiso chemunhu akapfeka. iPhone kiinura mask [30]:
Sezvo hurongwa hwakadaro hwakaoma zvikuru uye hahushandi pasi pemamiriro ezvinhu akanaka (kuchembera kwepanyama kwemuridzi kunoitika, kuchinja kwekugadzirisa chiso nekuda kwekutaura kwemanzwiro, kuneta, hutano hwehutano, nezvimwewo), inomanikidzwa kugara uchidzidza. Naizvozvo, kana mumwe munhu akabata mudziyo usina kukiyiwa pamberi pake, chiso chake chichayeukwa sechiso chemuridzi wechigadzirwa uye mune ramangwana achakwanisa kuvhura iyo smartphone achishandisa tekinoroji yeFaceID.
Kurudziro yekudzivirira: usashandise kuvhura ne "mufananidzo" - chete masisitimu ane yakazara-yakazara kumeso scanners (FaceID kubva kuApple uye analogues paAroid zvishandiso).
Kurudziro huru haisi yekutarisa kamera, ingotarisa kure. Kunyangwe iwe ukavhara ziso rimwe chete, mukana wekuvhura madonhwe anodonha zvakanyanya, sekuvapo kwemaoko pachiso. Mukuwedzera, 5 chete kuedza kunopiwa kuvhura nechiso (FaceID), mushure mezvo iwe uchada kuisa passcode.
Method 12: Kushandisa Leaks
Leaked password dhatabhesi inzira huru yekunzwisisa psychology yemuridzi wemudziyo (tichifunga kuti muongorori ane ruzivo nezve kero yeemail yemuridzi wemudziyo). Mumuenzaniso uri pamusoro, kutsvaga kero yeemail kwakadzosa mapassword maviri akafanana aishandiswa nemuridzi. Zvinogona kufungidzirwa kuti password 21454162 kana mhedzisiro yayo (semuenzaniso, 2145 kana 4162) inogona kushandiswa senhare yekukiya kodhi. (Kutsvaga kero yeemail yemuridzi mumadhatabhesi anobvinza kunoburitsa mapassword angave akashandisa muridzi, kusanganisira kukiya nharembozha yake.)
Kurudziro yekudzivirira: ita zvine hungwaru, tarisa data nezve kuvuza uye shandura mapassword akaonekwa mukuvuza munguva yakakodzera!
Method 13: Generic mudziyo kukiya mapassword
Sezvo mutemo, hapana imwe nharembozha inotorwa kubva kumuridzi, asi akati wandei. Kazhinji kune akawanda emidziyo yakadaro. Muchiitiko ichi, unogona kufungidzira password yemudziyo uri munjodzi uye edza kuishandisa kune mamwe ma-smartphones uye mahwendefa akabatwa kubva kumuridzi mumwe chete.
Paunenge uchiongorora data rakatorwa kubva kunharembozha, data rakadaro rinoratidzwa muzvirongwa zve forensic (kazhinji kunyangwe uchitora data kubva kumidziyo yakakiyiwa uchishandisa akasiyana marudzi ehutera).
Sezvauri kuona muscreenshot yechikamu chehwindo rekushanda reUFED Physical Analyzer chirongwa, mudziyo wakakiyiwa neisina kujairika fgkl PIN kodhi.
Usaregeredza mamwe maturusi ekushandisa. Semuenzaniso, nekuongorora mapassword akachengetwa muwebhu bhurawuza cache yekombuta yemuridzi wemudziyo, munhu anogona kunzwisisa misimboti yekugadzira password iyo muridzi akateedzera. Unogona kuona mapassword akachengetwa pakombuta yako uchishandisa NirSoft utility [11].
Zvakare, pakombuta (laptop) yemuridzi wenharembozha, panogona kunge paine Lockdown mafaera anogona kubatsira kuwana yakakiyiwa Apple nharembozha. Iyi nzira ichakurukurwa inotevera.
Kurudziro yekudzivirira: shandisa akasiyana, akasiyana mapassword kwese kwese.
Nzira 14: Generic PINs
Sezvambotaurwa, vashandisi vanowanzo shandisa mapassword akajairwa: nhamba dzenhare, makadhi ekubhengi, maPIN kodhi. Ruzivo rwakadaro runogona kushandiswa kuvhura mudziyo wakapihwa.
Kana zvese zvikaramba, unogona kushandisa ruzivo rwunotevera: vaongorori vakaita ongororo vakawana maPIN kodhi anonyanya kufarirwa (akapihwa maPIN kodhi anovhara 26,83% yemapassword ese) [12]:
PIN
Kakawanda, %
1234
10,713
1111
6,016
0000
1,881
1212
1,197
7777
0,745
1004
0,616
2000
0,613
4444
0,526
2222
0,516
6969
0,512
9999
0,451
3333
0,419
5555
0,395
6666
0,391
1122
0,366
1313
0,304
8888
0,303
4321
0,293
2001
0,290
1010
0,285
Kuisa runyoro urwu rwemaPIN kodhi kune yakakiyiwa mudziyo uchaivhura ine ~ 26% mukana.
Kurudziro yekudzivirira: tarisa PIN yako zvinoenderana netafura iri pamusoro uye kunyangwe isingaenderane, chinja zvakadaro, nekuti mana manhamba idiki zvakanyanya nemazinga e4.
Method 15: Yakajairika mapikicha mapassword
Sezvatsanangurwa pamusoro, kuve nedata kubva kumakamera ekutarisa pane iyo muridzi wemudziyo anoedza kuivhura, unogona kutora yekuvhura pateni mukuyedza kashanu. Pamusoro pezvo, sekunge paine generic PIN kodhi, kune generic mapatani anogona kushandiswa kuvhura akakiyiwa nharembozha [13, 14].
Maitiro akareruka [14]:
Maitiro ekuoma kwepakati [14]:
Complex mapatani [14]:
Rondedzero yeanonyanya kufarirwa machati maitiro maererano nemuongorori Jeremy Kirby [15].
3>2>5>8>7
1>4>5>6>9
1>4>7>8>9
3>2>1>4>5>6>9>8>7
1>4>7>8>9>6>3
1>2>3>5>7>8>9
3>5>6>8
1>5>4>2
2>6>5>3
4>8>7>5
5>9>8>6
7>4>1>2>3>5>9
1>4>7>5>3>6>9
1>2>3>5>7
3>2>1>4>7>8>9
3>2>1>4>7>8>9>6>5
3>2>1>5>9>8>7
1>4>7>5>9>6>3
7>4>1>5>9>6>3
3>6>9>5>1>4>7
7>4>1>5>3>6>9
5>6>3>2>1>4>7>8>9
5>8>9>6>3>2>1>4>7
7>4>1>2>3>6>9
1>4>8>6>3
1>5>4>6
2>4>1>5
7>4>1>2>3>6>5
Pane mamwe nharembozha, kuwedzera kune graphic kodhi, imwe PIN kodhi inogona kusetwa. Muchiitiko ichi, kana zvisingabviri kuwana graphic code, muongorori anogona kudzvanya bhatani Yekuwedzera PIN kodhi (yechipiri PIN) mushure mekuisa iyo isiriyo mufananidzo kodhi uye edza kutsvaga imwe PIN.
Kurudziro yekudzivirira: Zviri nani kusashandisa graphic keys zvachose.
Nzira 16: Alphanumeric Passwords
Kana password yealphanumeric inogona kushandiswa pachishandiso, saka muridzi anogona kushandisa anotevera mapassword akakurumbira sekodhi yekiyi [16]:
- 123456
- pasiwedhi
- 123456789
- 12345678
- 12345
- 111111
- 1234567
- zuva
- qwerty
- Ndinokuda
- mwanasikana wamambo
- arun
- Mauya
- 666666
- abc123
- nhabvu
- 123123
- Tsoko
- 654321
- ! @ # $% ^ & *
- Charlie
- aa123456
- Donald
- password1
- qwerty123
Kurudziro yekudzivirira: shandisa chete mapassword akaoma, akasiyana ane mavara akakosha uye makesi akasiyana. Tarisa kana uri kushandisa imwe yemapassword ari pamusoro. Kana iwe ukashandisa - shandura iyo kune imwe yakavimbika.
Method 17: gore kana nzvimbo yekuchengetedza
Kana zvisingaite tekinoroji kubvisa data kubva kune yakakiyiwa mudziyo, matsotsi anogona kutsvaga makopi ayo ekuchengetedza pamakomputa emuridzi wechishandiso kana mune inowirirana gore storages.
Kazhinji, varidzi veApple smartphones, kana vachivabatanidza kumakomputa avo, havazive kuti kopi yemuno kana yegore backup yemudziyo inogona kugadzirwa panguva ino.
Google neApple Cloud kuchengetedza haigone kuchengetedza data kubva kumidziyo chete, asiwo mapassword akachengetwa nemudziyo. Kutora mapassword aya kunogona kubatsira mukufungidzira kodhi yekukiya yenharembozha.
Kubva kuKeychain yakachengetwa muICloud, unogona kubvisa password yekuchengetedza mudziyo yakaiswa nemuridzi, iyo ingangofanana nePIN yekukiya skrini.
Kana vemutemo vakatendeukira kuGoogle neApple, makambani anogona kuendesa data iripo, izvo zvingangoderedza zvakanyanya kukosha kwekuvhura mudziyo, sezvo vemutemo vanenge vatova nedata.
Semuenzaniso, mushure mekurwiswa kwegandanga muPensocon, makopi edata akachengetwa muICloud akaendeswa kuFBI. Kubva pane chirevo cheApple:
"Mukati memaawa ekukumbira kwekutanga kweFBI, muna Zvita 6, 2019, takapa ruzivo rwakasiyana-siyana maererano nekuferefeta. Kubva 7 Zvita kusvika 14 Zvita, takagamuchira zvikumbiro zvitanhatu zvezvemutemo uye takapa ruzivo mukupindura, kusanganisira iCloud backups, ruzivo rweakaundi, uye kutengeserana kwemaakaundi akawanda.
Takapindura chikumbiro chese nekukasika, kazhinji mukati memaawa, tichipanana ruzivo nemahofisi eFBI muJacksonville, Pensacola, neNew York. Nekukumbira kwekuferefeta, akawanda magigabytes eruzivo akawanikwa, atakapa kune vaongorori. " [17, 18, 19]
Kurudziro yekudzivirira: chero chinhu chaunotumira chisina kunyorwa kugore chinogona uye chichashandiswa kukurwisa.
Nzira 18: Google account
Iyi nzira yakakodzera kubvisa graphic password inokiya iyo skrini yenharembozha inoshandisa iyo Android inoshanda system. Kuti ushandise nzira iyi, unofanirwa kuziva zita rekushandisa uye password yeGoogle account yemuridzi wemudziyo. Chechipiri chimiro: mudziyo unofanirwa kuve wakabatana neInternet.
Kana iwe uchiteedzana kuisa iyo isiriyo yemufananidzo pasiwedhi kakawanda mumutsara, chishandiso chinokupa kuseta zvakare password. Mushure meizvozvo, unofanirwa kupinda muaccount yemushandisi, iyo inovhura iyo skrini yemudziyo [5].
Nekuda kwekusiyana kwemhinduro dzehardware, Android mashandiro masisitimu, uye mamwe magadzirirwo ekuchengetedza, iyi nzira inongoshanda kune akati wandei maturusi.
Kana muongorori asina password yeGoogle account yemuridzi wechishandiso, vanogona kuyedza kuidzosera vachishandisa yakajairwa nzira dzekudzoreredza password kumaakaundi akadaro.
Kana iyo mudziyo usina kubatana neInternet panguva yekudzidza (semuenzaniso, SIM kadhi yakavharwa kana pasina mari yakakwana pairi), ipapo mudziyo wakadaro unogona kubatanidzwa neWi-Fi uchishandisa mirairo inotevera:
- tinya chiratidzo "Emergency call"
- dial *#*#7378423#*#*
- sarudza Service Test - Wlan
- batanidza kune inowanika Wi-Fi network [5]
Kurudziro yekudzivirira: usakanganwa kushandisa mbiri-chinhu chechokwadi pese pazvinogoneka, uye mune iyi kesi, zviri nani kubatanidza kune application, uye kwete kune kodhi kuburikidza neSMS.
Nzira 19: account yevaenzi
Nharembozha dzinomhanyisa Android 5 uye pamusoro dzinogona kuve nemaakaundi akawanda. Rumwe ruzivo rweakaundi runogona kusavharwa nePIN kana pateni. Kuti uchinje, unofanirwa kudzvanya pane account icon pakona yekurudyi uye sarudza imwe account:
Kuti uwane imwe account, kuwana imwe data kana maapplication anogona kurambidzwa.
Kurudziro yekudzivirira: zvakakosha kugadzirisa OS. Mune shanduro dzemazuva ano dzeAndroid (9 uye kumusoro naChikunguru 2020 chengetedzo zvigamba), iyo yevaenzi account kazhinji haipe chero sarudzo.
Method 20: specialized services
Makambani ari kugadzira zvirongwa zveunyanzvi, pakati pezvimwe zvinhu, anopa masevhisi ekuvhura nharembozha uye kutora data kubva mazviri [20, 21]. Mikana yemasevhisi akadaro inongonakidza. Inogona kushandiswa kuvhura mhando dzepamusoro dzeAroid uye iOS zvishandiso, pamwe nemidziyo iri mumodi yekudzoreredza (iyo iyo mudziyo inopinda mushure mekupfuura nhamba yezvisirizvo password yekupinda yekuedza). Kukanganisa kweiyi nzira ndeyekudhura kwakanyanya.
Chidimbu kubva pawebhu peji pawebhusaiti yeCellebrite inotsanangura kuti ndezvipi zvishandiso zvavanogona kutora data kubva. Chishandiso chinogona kuvhurwa murabhoritari yemugadziri (Cellebrite Advanced Service (CAS)) [20]:
Kune sevhisi yakadai, mudziyo unofanirwa kupihwa kudunhu (kana musoro) hofisi yekambani. Kuenda kwenyanzvi kune mutengi kunogoneka. Semutemo, kupaza kodhi yekuvhara skrini kunotora zuva rimwe.
Kurudziro yekudzivirira: zvinenge zvisingabviri kuzvidzivirira, kunze kwekushandiswa kwezwi rakasimba alphanumeric password uye shanduko yegore yezvigadzirwa.
PS Group-IB Laboratory nyanzvi dzinotaura nezvenyaya idzi, maturusi uye zvimwe zvakawanda zvinobatsira basa rekombuta forensic nyanzvi sechikamu chedzidzo. . Mushure mekupedza kosi yemazuva mashanu kana yakawedzera 5-zuva, vanopedza kudzidza vanozokwanisa kunyatsoita tsvakiridzo yezvemberi uye kudzivirira zviitiko zvecyber mumasangano avo.
PPS Chiito nezve kuchengetedza ruzivo, hackers, APT, cyber kurwiswa, scammers uye makororo. Nhanho-ne-nhanho kuferefeta, zviitiko zvinoshanda uchishandisa Boka-IB matekinoroji uye kurudziro yekuti urege kubatwa sei. Connect!
Sources
- Guixin Yey, Zhanyong Tang, Dingyi Fangy, Xiaojiang Cheny, Kwang Kimz, Ben Taylorx, Zheng Wang.
- Dominic Casciani, Gaetan Portal.
- Anatoly Alizar.
- Maria Nefedova.
- Anton Makarov. Bypass pateni password pane Android zvishandiso
- Jeremy Kirby.
- Andrey Smirnov.
- Maria Nefedova.
Source: www.habr.com