Emsebenzini wabo, iingcali ze-forensic zekhompyuter zihlala zidibana namatyala xa kuyimfuneko ukuvula ngokukhawuleza i-smartphone. Umzekelo, idatha evela kwifowuni iyadingeka ngophando ukuze kuqondwe izizathu zokuzibulala komntwana ofikisayo. Kwelinye icala, baya kunceda ekufumaneni umkhondo weqela lolwaphulo-mthetho elihlasela abaqhubi beelori. Kukho, ewe, amabali amnandi - abazali balibele igama eliyimfihlo kwigajethi, kwaye kukho ividiyo enamanyathelo okuqala omntwana wabo kuyo, kodwa, ngelishwa, bambalwa kubo. Kodwa zikwafuna indlela yobuchule kulo mba. Kweli nqaku Igor Mikhailov, ingcali yeQela-IB Computer Forensics Laboratory, uthetha ngeendlela ezivumela iingcali ze-forensic ukuba zidlule isitshixo se-smartphone.
Kubalulekile: Eli nqaku libhalelwe ukuvavanya ukhuseleko lwamagama ayimfihlo kunye neepateni zegraphic ezisetyenziswa ngabanini besixhobo esiphathwayo. Ukuba uthatha isigqibo sokuvula isixhobo esiphathwayo usebenzisa iindlela ezichazwe, khumbula ukuba wenza zonke izenzo zokuvula izixhobo ngengozi yakho kunye nomngcipheko. Xa ulawula izixhobo eziphathwayo, unokusitshixa isixhobo, ucime idatha yomsebenzisi, okanye ubangele isixhobo singasebenzi kakuhle. Iingcebiso zikwanikezelwa kubasebenzisi malunga nendlela yokunyusa umgangatho wokukhusela izixhobo zabo.
Ke, eyona ndlela iqhelekileyo yokuthintela ukufikelela kulwazi lomsebenzisi oluqulethwe kwisixhobo kukutshixa isikrini sesixhobo esiphathwayo. Xa isixhobo esinjalo singena kwibhubhoratri ye-forensic, ukusebenza nayo kunokuba nzima, kuba isixhobo esinjalo akunakwenzeka ukwenza imo ye-USB debugging (kwizixhobo ze-Android), akunakwenzeka ukuqinisekisa imvume yokuba ikhomputha yomvavanyi isebenze nale nto. isixhobo (kwizixhobo zeselula ze-Apple), kwaye, ngenxa yoko, akunakwenzeka ukufikelela kwidatha egcinwe kwimemori yesixhobo.
Inyani yokuba i-FBI yaseMelika ihlawule isixa esikhulu sokuvula i-iPhone yomnqolobi uSyed Farouk, omnye wabathathi-nxaxheba kuhlaselo lwabanqolobi kwisixeko saseCalifornia eSan Bernardino, ibonisa ukuba singakanani isitshixo esiqhelekileyo sefowuni esithintela iingcali ukukhupha idatha kuyo [1].
Iindlela zokuvula iSixhobo seMobile
Njengomthetho, ukutshixa isikrini sesixhobo esiphathwayo sisetyenziswa:
- Igama lokugqithisa elingumqondiso
- Igama lokugqithisa elingumzobo
Kwakhona, iindlela zetekhnoloji zeSmartBlock zinokusetyenziselwa ukuvula isikrini sezixhobo ezininzi eziphathwayo:
- Ukuvula ngoshicilelo lweminwe
- Ukuvula ubuso (iteknoloji ye-FaceID)
- Vula isixhobo ngokuqatshelwa kwe-iris
Iindlela zentlalo zokuvula isixhobo esiphathwayo
Ukongeza kwezobuchwephesha kuphela, kukho ezinye iindlela zokufumana okanye ukoyisa ikhowudi ye-PIN okanye ikhowudi yegraphic (ipateni) yokutshixa isikrini. Kwezinye iimeko, iindlela zentlalo zinokusebenza ngakumbi kunezisombululo zobugcisa kwaye zincede ukuvula izixhobo ezithotyelwe kuphuhliso olukhoyo lobugcisa.
Eli candelo liza kuchaza iindlela zokuvula isikrini sesixhobo esiphathwayo esingafunekiyo (okanye sifune kuphela umda, ngokuyinxenye) ukusetyenziswa kweendlela zobugcisa.
Ukwenza uhlaselo lwentlalo, kuyimfuneko ukufunda i-psychology yomnini wesixhobo esitshixiweyo ngokunzulu kangangoko kunokwenzeka, ukuqonda imigaqo ayenzayo kwaye agcine amagama ayimfihlo okanye iipateni zegraphic. Kwakhona, umphandi uya kufuna ithontsi yethamsanqa.
Xa usebenzisa iindlela ezinxulumene nokuqikelela igama lokugqitha, kufuneka kukhunjulwe ukuba:
- Ukufaka amagama ayimfihlo alishumi angachanekanga kwizixhobo eziphathwayo zika-Apple kunokubangela ukuba iinkcukacha zomsebenzisi zicinywe. Oku kuxhomekeke kwizicwangciso zokhuseleko ezibekwe ngumsebenzisi;
- kwizixhobo eziphathwayo ezisebenzisa inkqubo yokusebenza ye-Android, iteknoloji ye-Root of Trust ingasetyenziswa, eya kukhokelela ekubeni emva kokufaka amagama ayimfihlo angama-30, idatha yomsebenzisi iya kuba ingafikeleleki okanye icinywe.
Indlela yoku-1: cela igama lokugqitha
Inokubonakala ingaqhelekanga, kodwa ungafumana igama eligqithisiweyo lokuvula ngokubuza nje umnini wesixhobo. Izibalo zibonisa ukuba malunga ne-70% yabanini bezixhobo eziphathwayo bazimisele ukwabelana ngephasiwedi yabo. Ngokukodwa ukuba iya kunciphisa ixesha lophando kwaye, ngokufanelekileyo, umnini uya kufumana isixhobo sakhe ngokukhawuleza. Ukuba akunakwenzeka ukubuza umnini-password (umzekelo, umnini wesixhobo ufile) okanye uyala ukuyichaza, igama eliyimfihlo linokufumaneka kwizihlobo zakhe ezisondeleyo. Njengomthetho, izalamane ziyazi igama eliyimfihlo okanye zinokucebisa ukhetho olunokwenzeka.
Ingcebiso ngoKhuseleko: Iphasiwedi yefowuni yakho liqhosha lendalo yonke ledatha, kuquka nedatha yentlawulo. Ukuthetha, ukuthumela, ukubhala kwizithunywa ezikhawulezayo ngumbono ombi.
Indlela yesi-2: jonga igama eligqithisiweyo
I-password inokujongwa ngoku xa umnini esebenzisa isixhobo. Nokuba ukhumbula igama eligqithisiweyo (umlinganiswa okanye umzobo) ngokuyinxenye, oku kuya kunciphisa kakhulu inani leenketho ezinokwenzeka, eziza kukuvumela ukuba uqikelele ngokukhawuleza.
Umahluko wale ndlela kusetyenziso lweCCTV ebonisa umnini evula isixhobo esebenzisa ipasiwedi yokugqitha [2]. I-algorithm echazwe kumsebenzi othi "Ukuqhaqha iPattern ye-Android kwiLinge ezintlanu" [2], ngokuhlalutya ukurekhoda kwevidiyo, ikuvumela ukuba uqikelele iinketho zegama lokugqitha lomzobo kwaye uvule isixhobo kwiinzame ezininzi (njengomthetho, oku akufuneki ngaphezulu. ngaphezu kwemizamo emihlanu). Ngokutsho kwababhali, "okukhona kuyinkimbinkimbi i-password yegraphic, kulula ukuyichola."
Ingcebiso ngoKhuseleko: Ukusebenzisa iqhosha lomzobo ayisiyiyo eyona mbono ilungileyo. Igama lokugqithisa lealphanumeric kunzima kakhulu ukulikroba.
Indlela yesi-3: fumana igama lokugqitha
I-password inokufumaneka kwiirekhodi zomnini wesixhobo (iifayile kwikhompyutheni, kwidayari, kwiinqununu zamaphepha ezilele kumaxwebhu). Ukuba umntu usebenzisa izixhobo ezahlukeneyo zeselfowuni kwaye banamagama ayimfihlo ahlukeneyo, ke ngamanye amaxesha kwigumbi lebhetri yezi zixhobo okanye kwindawo ephakathi kwetyala le-smartphone kunye necala, unokufumana iziqwenga zephepha elinamagama ayimfihlo abhaliweyo:
Ingcebiso ngoKhuseleko: akukho mfuneko yokugcina "incwadana" enamagama ayimfihlo. Lo ngumbono ombi, ngaphandle kokuba zonke ezi passwords zaziwa zibubuxoki ukunciphisa inani lokuzama ukuvula.
Indlela yesi-4: iminwe (uhlaselo lwe-smudge)
Le ndlela ikuvumela ukuba uchonge i-sweat-fat traces yezandla ekuboniseni isixhobo. Unokuzibona ngokuphatha isikrini sesixhobo ngomgubo okhanyayo weminwe (endaweni yomgubo okhethekileyo we-forensic, ungasebenzisa umgubo wosana okanye enye ikhemikhali engasebenziyo umgubo ocolekileyo omhlophe okanye ongwevu okhanyayo) okanye ngokujonga isikrini isixhobo kwimitha ye-oblique yokukhanya. Ukuhlalutya izikhundla ezihambelanayo zezandla kunye nolwazi olongezelelweyo malunga nomnini wesixhobo (umzekelo, ukwazi unyaka wakhe wokuzalwa), unokuzama ukuqikelela isicatshulwa okanye igama eligqithisiweyo lomzobo. Nantsi indlela ukwakheka kwamafutha okubila kujongeka ngathi kumboniso we-smartphone ngendlela yonobumba owenziwe isitayile u-Z:
Ingcebiso ngoKhuseleko: Njengoko besitshilo, igama eligqithisiweyo lomzobo ayilombono ilungileyo, njengeeglasi ezine-oleophobic emdaka.
Indlela yesi-5: umnwe wokwenziwa
Ukuba isixhobo sinokuvulwa ngomnwe, kwaye umphandi uneisampulu zesandla somnini wesixhobo, emva koko ikopi ye-3D yoshicilelo lweminwe yomnini inokwenziwa kumshicileli we-3D kwaye isetyenziswe ukuvula isixhobo [XNUMX]:
Ukulinganisa okupheleleyo komnwe womntu ophilayo - umzekelo, xa i-sensor yeminwe ye-smartphone isabona ukushisa - imodeli ye-3D ifakwe (ixhomekeke) ngomnwe womntu ophilayo.
Umnini wesixhobo, nokuba ulibele igama eliyimfihlo lokutshixa isikrini, unokusivula ngokwakhe isixhobo esebenzisa umnwe wakhe. Oku kunokusetyenziswa kwiimeko ezithile apho umnini akakwazi ukunika igama eliyimfihlo kodwa uzimisele ukunceda umphandi ukuba avule isixhobo sakhe nangona kunjalo.
Umphandi kufuneka akhumbule izizukulwana zenzwa ezisetyenziswa kwiimodeli ezahlukeneyo zezixhobo eziphathwayo. Iimodeli ezindala zeenzwa zinokuthi zivuswe phantse nawuphi na umnwe, kungekhona umnini wesixhobo. Iinzwa zanamhlanje ze-ultrasonic, ngokuchaseneyo, zihlola ngokunzulu nangokucacileyo. Ukongeza, inani leenzwa zanamhlanje ezingaphantsi kwesikrini ziikhamera zeCMOS ezingakwaziyo ukuskena ubunzulu bomfanekiso, nto leyo ezenza kube lula ukuqhatha.
Ingcebiso ngoKhuseleko: Ukuba umnwe, ngoko kuphela inzwa ye-ultrasonic. Kodwa ungakulibali ukuba ukubeka umnwe ngokuchasene nentando yakho kulula kakhulu kunobuso.
Indlela yesi-6: "jerk" (Uhlaselo lweMug)
Le ndlela ichazwa ngamapolisa aseBritani [4]. Ibandakanya ukucupha okufihlakeleyo komrhanelwa. Ngethuba umrhanelwa evula ifowuni yakhe, i-arhente enxibe i-plain yoyihlutha ezandleni zomnini kwaye ithintele isixhobo ukuba singatshixwa kwakhona de sinikezelwe kwiingcali.
Ingcebiso ngoKhuseleko: Ndicinga ukuba amanyathelo anjalo aya kusetyenziswa ngokuchasene nawe, ke izinto zimbi. Kodwa apha kufuneka uqonde ukuba ukuthintela okungahleliweyo kuyayithoba le ndlela. Kwaye, umzekelo, ukucofa ngokuphindaphindiweyo iqhosha lokukhiya kwi-iPhone iqalisa imodi ye-SOS, eyongeza kuyo yonke into icime i-FaceID kwaye ifuna i-passcode.
Indlela yesi-7: iimpazamo kwii-algorithms zokulawula isixhobo
Kwiindaba zemithombo yeendaba ezikhethekileyo, unokufumana imiyalezo echaza ukuba iintshukumo ezithile ngesixhobo zivula isikrini. Umzekelo, isikrini sokutshixa kwezinye izixhobo sinokuvulwa yifowuni engenayo. Ukungalungi kwale ndlela kukuba ubuthathaka obuchongiweyo, njengomthetho, bupheliswa ngokukhawuleza ngabavelisi.
Umzekelo wendlela yokuvula yezixhobo eziphathwayo ezikhutshwe ngaphambi kwe-2016 i-battery drain. Xa ibhetri iphantsi, isixhobo siya kuvula kwaye sikuxelele ukuba utshintshe useto lwamandla. Kule meko, kufuneka uye ngokukhawuleza kwiphepha elineseto zokhuseleko kwaye ukhubaze ukutshixa isikrini [5].
Ingcebiso ngoKhuseleko: ungalibali ukuhlaziya i-OS yesixhobo sakho ngexesha elifanelekileyo, kwaye ukuba ayisaxhaswa, tshintsha i-smartphone yakho.
Indlela yesi-8: Ubuthathaka kwiinkqubo zomntu wesithathu
Ubuthathaka obufunyenwe kwii-aplikeshini zomntu wesithathu ezifakelweyo kwisixhobo zinokubonelela ngokupheleleyo okanye ngokuyinxenye ufikelelo kwidatha yesixhobo esitshixwayo.
Umzekelo wobu buthathaka kukubiwa kwedatha kwi-iPhone kaJeff Bezos, umnini oyintloko we-Amazon. Ukuba sesichengeni kumyalezo we-WhatsApp, oxhatshazwa ngabantu abangaziwayo, kwakhokelela ekubiweni kwedatha eyimfihlo egcinwe kwimemori yesixhobo [6].
Ubuthathaka obunjalo bunokusetyenziswa ngabaphandi ukuphumeza iinjongo zabo - ukukhupha idatha kwizixhobo ezitshixiweyo okanye ukuzivula.
Ingcebiso ngoKhuseleko: Kufuneka uhlaziye hayi i-OS kuphela, kodwa kunye nezicelo ozisebenzisayo.
Indlela ye-9: ifowuni yenkampani
Izixhobo eziphathwayo zenkampani zinokuvulwa ngabalawuli benkqubo yenkampani. Umzekelo, izixhobo zeeFowuni zeWindows ziqhagamshelwe kwiakhawunti yenkampani yeMicrosoft Exchange kwaye zinokuvulwa ngabalawuli benkampani. Kwizixhobo ze-Apple ezihlangeneyo, kukho inkonzo yoLawulo lweSixhobo esiXhobo esifana neMicrosoft Exchange. Abalawuli bayo banokuvula isixhobo iOS corporate. Ukongeza, izixhobo eziphathwayo zeshishini zinokudityaniswa kuphela neekhompyuter ezithile ezichazwe ngumlawuli kwisethingi yesixhobo esiphathwayo. Ngoko ke, ngaphandle kokusebenzisana nabalawuli benkqubo yenkampani, isixhobo esinjalo asinakuqhagamshelwa kwikhompyuter yomphandi (okanye isoftware kunye nenkqubo yehardware yokutsalwa kwedatha ye-forensic).
Ingcebiso ngoKhuseleko: I-MDM ibubi kwaye ilungile malunga nokhuseleko. Umlawuli we-MDM unokuhlala ekude ukuseta isixhobo kwakhona. Kwimeko nayiphi na into, akufanele ugcine idatha yomntu obuthathaka kwisixhobo senkampani.
Indlela ye-10: ulwazi oluvela kuluvo
Ukuhlalutya ulwazi olufunyenwe kwiinzwa zesixhobo, unokuqikelela igama eliyimfihlo kwisixhobo usebenzisa i-algorithm ekhethekileyo. UAdam J. Aviv ubonise ukuba kunokwenzeka ukuhlaselwa okunjalo usebenzisa idatha efunyenwe kwi-accelerometer ye-smartphone. Ngethuba lophando, inzululwazi ikwazile ukuchonga ngokuchanekileyo igama eliyimfihlo elingumqondiso kwi-43% yamatyala, kunye ne-graphic password - kwi-73% [7].
Ingcebiso ngoKhuseleko: Lumka ukuba zeziphi ii-apps ozinikayo imvume yokulandelela abenzi boluvo abohlukeneyo.
Indlela ye-11: ukuvula ubuso
Njengakwimeko yeminwe, impumelelo yokuvula isixhobo usebenzisa itekhnoloji yeFaceID ixhomekeke ekubeni zeziphi izinzwa kunye nokuba zeziphi izixhobo zemathematika ezisetyenziswa kwisixhobo esithile esiphathwayo. Ngaloo ndlela, kumsebenzi othi "Gezichtsherkenning op smartphone niet altijd veilig" [8], abaphandi babonise ukuba ezinye zee-smartphones ezifundiweyo zavulwa ngokubonisa ifoto yomnini kwikhamera ye-smartphone. Oku kunokwenzeka xa ikhamera enye kuphela yangaphambili isetyenziselwa ukuvula, engenakho ukuskena idatha yobunzulu bomfanekiso. I-Samsung, emva koluhlu lweeprofayili eziphezulu kunye neevidiyo kwi-YouTube, kwanyanzeleka ukuba yongeze isilumkiso kwi-firmware yee-smartphones zayo. Ukuvula ngobuso Samsung:
Ii-smartphones eziphucuke ngakumbi zinokuvulwa kusetyenziswa imaski okanye ukuzifundela kwesixhobo. Umzekelo, i-iPhone X isebenzisa itekhnoloji ekhethekileyo ye-TrueDepth [9]: iprojektha yesixhobo, isebenzisa iikhamera ezimbini kunye ne-infrared emitter, iiprojekthi zegridi equkethe amanqaku angaphezu kwe-30 ebusweni bomnini. Isixhobo esinjalo sinokuvulwa kusetyenziswa isigqubuthelo sobuso esinecontours efana neecontours zobuso bomntu osinxibileyo. Imaski yokuvula i-iPhone [000]:
Ekubeni inkqubo enjalo inzima kakhulu kwaye ayisebenzi phantsi kweemeko ezifanelekileyo (ukuguga kwendalo komnini kwenzeka, utshintsho kwimbonakalo yobuso ngenxa yokubonakaliswa kweemvakalelo, ukukhathala, isimo sempilo, njl.), Kunyanzelekile ukuba uzifunde rhoqo. Ke ngoko, ukuba omnye umntu ubambe isixhobo esivuliweyo phambi kwakhe, ubuso bakhe buya kukhunjulwa njengobuso bomnini wesixhobo kwaye kwixesha elizayo uya kukwazi ukuvula i-smartphone esebenzisa itekhnoloji yeFaceID.
Ingcebiso ngoKhuseleko: ungasebenzisi ukuvula "ngomfanekiso" - kuphela iisistim ezineeskena zobuso ezigcweleyo (I-FaceID evela kwi-Apple kunye ne-analogues kwizixhobo ze-Android).
Ingcebiso ephambili ayijongi ikhamera, jonga kude. Nokuba uvala iliso elinye, ithuba lokuvula lehla kakhulu, njengobukho bezandla ebusweni. Ukongeza, kuphela iinzame ezi-5 zinikezelwa ukuvula ngobuso (FaceID), emva koko kuya kufuneka ukuba ufake ikhowudi yokudlula.
Indlela ye-12: Ukusebenzisa iindawo ezivuzayo
Iidatabase ezivuzayo zephasiwedi ziyindlela entle yokuqonda ipsychology yomnini wesixhobo (ucinga ukuba umphandi unolwazi malunga needilesi ze-imeyile zomnini isixhobo). Kulo mzekelo ungasentla, ukukhangela idilesi ye-imeyile kubuyise amagama ayimfihlo amabini afanayo asetyenziswe ngumnini. Kunokucingelwa ukuba igama eliyimfihlo 21454162 okanye izinto eziphuma kuyo (umzekelo, 2145 okanye 4162) zingasetyenziswa njengekhowudi yokutshixa isixhobo esiphathwayo. (Ukukhangela idilesi ye-imeyile yomnini kuvimba weenkcukacha ezivuzayo kutyhila ukuba ngawaphi amagama ayimfihlo anokusetyenziswa ngumnini, kuquka ukutshixa isixhobo sakhe esiphathwayo.)
Ingcebiso ngoKhuseleko: thatha amanyathelo abonakalayo, landelela idatha malunga nokuvuza kwaye utshintshe amagama ayimfihlo aqatshelwe ngokuvuza ngexesha elifanelekileyo!
Indlela ye-13: Iiphasiwedi zokutshixa isixhobo seGeneric
Njengomthetho, akukho sixhobo esinye esiphathwayo esithathwe kumnini, kodwa ezininzi. Amaxesha amaninzi kukho izixhobo ezinjalo ezininzi. Kule meko, unokuqikelela igama eliyimfihlo kwisixhobo esisengozini kwaye uzame ukusisebenzisa kwezinye ii-smartphones kunye neetafile ezithathwe kumnini ofanayo.
Xa uhlalutya idatha ekhutshwe kwizixhobo eziphathwayo, loo datha iboniswa kwiiprogram ze-forensic (kaninzi naxa ukhupha idatha kwizixhobo ezitshixiweyo usebenzisa iintlobo ezahlukeneyo zobuthathaka).
Njengoko unokubona kwiscreenshot senxalenye yefestile yokusebenza yenkqubo ye-UFED Physical Analyzer, isixhobo sitshixiwe ngekhowudi yePIN engaqhelekanga yefgkl.
Musa ukungazihoyi ezinye izixhobo zabasebenzisi. Ngokomzekelo, ngokuhlalutya amagama ayimfihlo agcinwe kwi-cache ye-web browser yekhompyutha yomnini wesixhobo esiphathwayo, umntu unokuqonda imigaqo yokuvelisa igama eliyimfihlo umnini abambelele kuyo. Ungajonga amagama agqithisiweyo agciniweyo kwikhompyuter yakho usebenzisa into eluncedo yeNirSoft [11].
Kwakhona, kwikhompyuter (ilaptop) yomnini wesixhobo esiphathwayo, kunokubakho iifayile ze-Lockdown ezinokunceda ukufikelela kwisixhobo esivaliweyo se-Apple. Le ndlela iya kuxutyushwa ngokulandelayo.
Ingcebiso ngoKhuseleko: sebenzisa amagama agqithisiweyo awahlukileyo, awodwa kuyo yonke indawo.
Indlela ye-14: Ii-PIN eziqhelekileyo
Njengoko kuphawuliwe ngaphambili, abasebenzisi bahlala besebenzisa amagama ayimfihlo aqhelekileyo: iinombolo zefowuni, amakhadi ebhanki, iikhowudi zePIN. Ulwazi olunjalo lunokusetyenziswa ukuvula isixhobo esinikiweyo.
Ukuba konke okunye kuyasilela, ungasebenzisa olu lwazi lulandelayo: abaphandi baqhube uhlalutyo kwaye bafumana iikhowudi ze-PIN ezidumileyo (iikhowudi ze-PIN ezinikiweyo zigubungela i-26,83% yazo zonke iiphasiwedi) [12]:
IPIN
Ukuphindaphinda, %
1234
10,713
1111
6,016
0000
1,881
1212
1,197
7777
0,745
1004
0,616
2000
0,613
4444
0,526
2222
0,516
6969
0,512
9999
0,451
3333
0,419
5555
0,395
6666
0,391
1122
0,366
1313
0,304
8888
0,303
4321
0,293
2001
0,290
1010
0,285
Ukusebenzisa olu luhlu lweekhowudi ze-PIN kwisixhobo esitshixiweyo kuya kuluvula nge ~ 26% enokwenzeka.
Ingcebiso ngoKhuseleko: Jonga i-PIN yakho ngokwetheyibhile engentla kwaye nokuba ayihambelani, yitshintshe, kuba amanani ama-4 amancinci kakhulu ngemigangatho ka-2020.
Indlela ye-15: Iiphasiwedi zemifanekiso eqhelekileyo
Njengoko kuchaziwe ngasentla, ukuba nedatha evela kwiikhamera zokucupha apho umnini wesixhobo ezama ukuyivula, unokuthatha iphethini yokuvula kwiinzame ezintlanu. Ukongeza, njengokuba kukho iikhowudi ze-PIN eziqhelekileyo, kukho iipateni zegeneric ezinokusetyenziswa ukuvula izixhobo eziphathwayo ezitshixwayo [13, 14].
Iipateni ezilula [14]:
Iipateni zobunzima obuphakathi [14]:
Iipateni ezintsonkothileyo [14]:
Uluhlu lweepateni zetshathi ezidumileyo ngokutsho komphandi uJeremy Kirby [15].
3>2>5>8>7
1>4>5>6>9
1>4>7>8>9
3>2>1>4>5>6>9>8>7
1>4>7>8>9>6>3
1>2>3>5>7>8>9
3>5>6>8
1>5>4>2
2>6>5>3
4>8>7>5
5>9>8>6
7>4>1>2>3>5>9
1>4>7>5>3>6>9
1>2>3>5>7
3>2>1>4>7>8>9
3>2>1>4>7>8>9>6>5
3>2>1>5>9>8>7
1>4>7>5>9>6>3
7>4>1>5>9>6>3
3>6>9>5>1>4>7
7>4>1>5>3>6>9
5>6>3>2>1>4>7>8>9
5>8>9>6>3>2>1>4>7
7>4>1>2>3>6>9
1>4>8>6>3
1>5>4>6
2>4>1>5
7>4>1>2>3>6>5
Kwezinye izixhobo eziphathwayo, ukongeza kwikhowudi yegrafiki, ikhowudi ye-PIN eyongezelelweyo inokusetwa. Kule meko, ukuba akunakwenzeka ukufumana ikhowudi yegraphic, umphandi unokucofa iqhosha Ikhowudi ye-PIN eyongezelelweyo (i-PIN yesibini) emva kokufaka ikhowudi yesithombe engalunganga kwaye uzame ukufumana i-PIN eyongezelelweyo.
Ingcebiso ngoKhuseleko: Kungcono ukungasebenzisi izitshixo zegraphic kwaphela.
Indlela ye-16: Iiphasiwedi ze-Alphanumeric
Ukuba igama lokugqitha lealphanumeric linokusetyenziswa kwisixhobo, ngoko ke umnini unokusebenzisa la magama ayimfihlo athandwayo njengekhowudi yokutshixa [16]:
- 123456
- inombolo yokuvula
- 123456789
- 12345678
- 12345
- 111111
- 1234567
- ilanga
- qwerty
- ndiyakuthanda
- Khosana
- admin
- Wamkelekile
- 666666
- Abc123
- football
- 123123
- monkey
- 654321
- ! @ # $% ^ Kwaye *
- charlie
- aa123456
- donald
- iphasiwedi1
- qwerty123
Ingcebiso ngoKhuseleko: sebenzisa kuphela amagama agqithisiweyo antsonkothileyo, awodwa anamagama akhethekileyo kunye neemeko ezahlukeneyo. Khangela ukuba usebenzisa enye yala magama okugqithisa angentla. Ukuba uyayisebenzisa - yitshintshe ibe yinto ethembekileyo.
Indlela ye-17: ilifu okanye ukugcinwa kwendawo
Ukuba akunakwenzeka ngokobuchwepheshe ukususa idatha kwisixhobo esitshixiweyo, abaphuli-mthetho banokukhangela iikopi zayo zokulondoloza kwiikhomputha zomnini wesixhobo okanye kwii-storeges zamafu ezihambelanayo.
Ngokuqhelekileyo, abanini bee-smartphones ze-Apple, xa bezidibanisa kwiikhomputha zabo, abaqondi ukuba ikopi ye-backup yendawo okanye yefu inokwenziwa ngeli xesha.
I-Google kunye ne-Apple yokugcina ilifu ayikwazi ukugcina idatha kuphela kwizixhobo, kodwa kunye neephasiwedi ezigcinwe sisixhobo. Ukutsala la magama okugqithisa kunokunceda ekuqikeleleni ikhowudi yokutshixa yesixhobo esiphathwayo.
Ukusuka kwi-Keychain egcinwe kwi-iCloud, unokukhupha igama eliyimfihlo lesixhobo esetwe ngumnini, elinokuthi lihambelane ne-PIN yokutshixa isikrini.
Ukuba ukuthotyelwa komthetho kuphendukela kwiGoogle kunye ne-Apple, iinkampani zinokudlulisela idatha ekhoyo, enokuthi inciphise kakhulu isidingo sokuvula isixhobo, ekubeni ukuthotyelwa komthetho kuya kuba sele kunedatha.
Ngokomzekelo, emva kohlaselo lwamaphekula ePensocon, iikopi zedatha egcinwe kwi-iCloud zanikezelwa kwi-FBI. Kwingxelo ye-Apple:
βKwiiyure nje ezimbalwa zesicelo sokuqala se-FBI, nge-6 kaDisemba, 2019, sinike uluhlu olubanzi lolwazi olunxulumene nophando. Ukusukela nge-7 kaDisemba ukuya kwi-14 kaDisemba, sifumene izicelo ezisemthethweni ezithandathu kwaye sanikezela ngolwazi kwimpendulo, kubandakanywa ii-backups ze-iCloud, ulwazi lwe-akhawunti, kunye nentengiselwano yeeakhawunti ezininzi.
Sasisabela ngokukhawuleza kwisicelo ngasinye, ngokufuthi kwiiyure nje ezimbalwa, sidlulisela inkcazelo kwiiofisi zeFBI eJacksonville, ePensacola naseNew York. Ngesicelo sophando, uninzi lweegigabytes zolwazi zafunyanwa, sanikezela kubaphandi. " [17, 18, 19]
Ingcebiso ngoKhuseleko: nantoni na oyithumelayo engafihlwanga kwilifu inako kwaye iya kusetyenziswa ngokuchasene nawe.
Indlela ye-18: Iakhawunti kaGoogle
Le ndlela ilungele ukususa igama eligqithisiweyo lomzobo elitshixa isikrini sesixhobo esiphathwayo esiqhuba inkqubo yokusebenza ye-Android. Ukusebenzisa le ndlela, kufuneka wazi igama lomsebenzisi kunye negama lokugqitha le-akhawunti yomnini wesixhobo kaGoogle. Imeko yesibini: isixhobo kufuneka siqhagamshelwe kwi-Intanethi.
Ukuba ungenisa ngokulandelelana igama lokugqitha elingelilo lomfanekiso amaxesha amaninzi ngokulandelelana, isixhobo siya kukunika ukuseta kwakhona igama lokugqitha. Emva koko, kufuneka ungene kwi-akhawunti yomsebenzisi, eya kuvula isikrini sesixhobo [5].
Ngenxa yeendidi zezisombululo ze-hardware, iinkqubo zokusebenza ze-Android, kunye nezicwangciso ezongezelelweyo zokhuseleko, le ndlela isebenza kuphela kwinani lezixhobo.
Ukuba umphandi akanalo igama eliyimfihlo kwiakhawunti kaGoogle yomnini wesixhobo, banokuzama ukuyifumana kwakhona besebenzisa iindlela eziqhelekileyo zokufumana igama lokugqitha kwiiakhawunti ezinjalo.
Ukuba isixhobo asixhunyiwe kwi-Intanethi ngexesha lokufunda (umzekelo, i-SIM khadi ivaliwe okanye akukho mali yaneleyo kuyo), ke isixhobo esinjalo sinokuqhagamshelwa kwi-Wi-Fi kusetyenziswa le miyalelo ilandelayo:
- cofa i icon "umnxeba ongxamisekileyo"
- cofa *#*#7378423#*#*
- khetha Uvavanyo lweNkonzo-Wlan
- qhagamshela kwinethiwekhi ye-Wi-Fi ekhoyo [5]
Ingcebiso ngoKhuseleko: ungalibali ukusebenzisa ukuqinisekiswa kwezinto ezimbini naphi na apho kunokwenzeka, kwaye kulo mzekelo, kungcono ngekhonkco kwisicelo, kwaye kungekhona ikhowudi ngeSMS.
Indlela ye-19: i-akhawunti yeendwendwe
Izixhobo eziphathwayo ezisebenzisa i-Android 5 nangaphezulu zinokuba neeakhawunti ezininzi. Ulwazi olongezelelweyo lwe-akhawunti alunakutshixwa nge-PIN okanye ipateni. Ukutshintsha, kufuneka ucofe i icon yeakhawunti kwikona ephezulu ngasekunene kwaye ukhethe enye iakhawunti:
Kwi-akhawunti eyongezelelweyo, ukufikelela kwidatha ethile okanye usetyenziso kunokuthintelwa.
Ingcebiso ngoKhuseleko: kubalulekile ukuhlaziya i-OS. Kwiinguqulelo zangoku ze-Android (i-9 ukuya phezulu kunye ne-Julayi 2020 iipatches zokhuseleko), i-akhawunti yeendwendwe ayisoloko inikezela naluphi na ukhetho.
Indlela ye-20: iinkonzo ezikhethekileyo
Iinkampani eziphuhlisa iinkqubo ezikhethekileyo zenkundla, phakathi kwezinye izinto, zibonelela ngeenkonzo zokuvula izixhobo eziphathwayo kunye nokukhupha idatha kuzo [20, 21]. Amathuba eenkonzo ezinjalo amnandi nje. Zingasetyenziselwa ukuvula iimodeli eziphezulu zezixhobo ze-Android kunye ne-iOS, kunye nezixhobo ezikwimowudi yokubuyisela (isixhobo esingena emva kokugqithisa inani lokuzama ukungena kwephasiwedi engalunganga). Ukungalungi kwale ndlela yindleko ephezulu.
Isicatshulwa esivela kwiphepha lewebhu kwiwebhusayithi yeCellebrite echaza ukuba zeziphi izixhobo abanokubuyisela kuzo idatha. Isixhobo sinokuvulwa kwilabhoratri yomphuhlisi (iNkonzo ePhambili yeCellebrite (CAS)) [20]:
Kwinkonzo enjalo, isixhobo kufuneka sinikezelwe kwi-ofisi yengingqi (okanye intloko) yenkampani. Ukuhamba kwengcali kumthengi kunokwenzeka. Njengomthetho, ukukrazula ikhowudi yokuvala isikrini kuthatha usuku olunye.
Ingcebiso ngoKhuseleko: phantse akunakwenzeka ukuzikhusela, ngaphandle kokusetyenziswa kwegama eliyimfihlo le-alphanumeric kunye nokutshintsha kwezixhobo zonyaka.
Iingcali ze-PS Group-IB Laboratory zithetha ngala matyala, izixhobo kunye nezinye izinto ezininzi eziluncedo kumsebenzi we-computer forensic specialist njengenxalenye yekhosi yoqeqesho. . Emva kokugqiba i-5-day okanye i-7-day course eyandisiweyo, abaphumeleleyo baya kukwazi ukuqhuba ngokufanelekileyo uphando lwe-forensic kunye nokuthintela iziganeko ze-cyber kwimibutho yabo.
Isenzo sePPS malunga nokhuseleko lolwazi, abahlaseli, i-APT, uhlaselo lwe-cyber, abarhwebi kunye nabaphangi. Uphando lwamanyathelo ngamanyathelo, amatyala asebenzayo asebenzisa itekhnoloji yeQela-IB kunye neengcebiso malunga nokuba ungabi lixhoba njani. Qhagamshela!
Imithombo
- Guixin Yey, Zhanyong Tang, Dingyi Fangy, Xiaojiang Cheny, Kwang Kimz, Ben Taylorx, Zheng Wang.
- UDominic Casciani, iGaetan Portal.
- Anatoly Alizar.
- UMaria Nefedova.
- Anton Makarov. Ipatheni yokugqithisa ipatheni kwizixhobo ze-Android
- UJeremy Kirby.
- UAndrey Smirnov.
- UMaria Nefedova.
umthombo: www.habr.com