Emsebenzini wabo, ochwepheshe be-computer forensic bahlale behlangabezana namacala lapho kudingekile ukuvula ngokushesha i-smartphone. Isibonelo, idatha evela ocingweni iyadingeka ngophenyo ukuze kuqondwe izizathu zokuzibulala kwentsha. Kokunye, bazosiza ekungeneni emzileni weqembu lezigebengu elihlasela abashayeli bamaloli. Kukhona, yiqiniso, izindaba ezinhle - abazali bakhohlwe iphasiwedi kugajethi, futhi kwakukhona ividiyo enezinyathelo zokuqala zengane yabo kuyo, kodwa, ngeshwa, kukhona ezimbalwa zazo. Kodwa futhi zidinga indlela yochwepheshe kule ndaba. Kulesi sihloko Igor Mikhailov, uchwepheshe we-Group-IB Computer Forensics Laboratory, ikhuluma ngezindlela ezivumela ochwepheshe bezobunhloli ukuthi badlule ukhiye we-smartphone.
Okubalulekile: Lesi sihloko sibhalelwe ukuhlola ukuphepha kwamaphasiwedi namaphethini ayingcaca asetshenziswa abanikazi bamadivayisi eselula. Uma unquma ukuvula idivayisi ephathwayo usebenzisa izindlela ezichaziwe, khumbula ukuthi wenza zonke izenzo zokuvula amadivayisi ngengozi yakho kanye nobungozi. Lapho ukhohlisa amadivayisi eselula, ungakhiya idivayisi, usule idatha yomsebenzisi, noma ubangele idivayisi ukuthi ingasebenzi kahle. Izincomo ziphinde zinikezwe abasebenzisi ukuthi bangakhuphula kanjani izinga lokuvikelwa kwamadivayisi wabo.
Ngakho-ke, indlela evamile yokukhawulela ukufinyelela kulwazi lomsebenzisi oluqukethwe kudivayisi ukukhiya isikrini sedivayisi yeselula. Uma idivayisi enjalo ingena elabhorethri ye-forensic, ukusebenza nayo kungaba nzima, ngoba idivayisi enjalo akunakwenzeka ukwenza kusebenze imodi yokulungisa iphutha le-USB (yamadivayisi we-Android), akunakwenzeka ukuqinisekisa imvume yokuthi ikhompuyutha yomhloli ixhumane nalokhu. idivayisi (yamadivayisi eselula e-Apple), futhi, ngenxa yalokho, akunakwenzeka ukufinyelela idatha egcinwe kumemori yedivayisi.
Iqiniso lokuthi i-FBI yase-US ikhokhele isamba esikhulu ukuze uvule i-iPhone yephekula uSyed Farouk, omunye wabahlanganyeli ekuhlaselweni kwamaphekula edolobheni laseCalifornia eSan Bernardino, libonisa ukuthi ukukhiya isikrini okujwayelekile kwedivayisi ephathekayo kuvimbela kangakanani ochwepheshe ukukhipha idatha kuyo [1].
Izindlela Zokuvula Isikrini Sedivayisi Yeselula
Njengomthetho, ukukhiya isikrini sedivayisi yeselula kusetshenziswa:
- Iphasiwedi yophawu
- Iphasiwedi yesithombe
Futhi, izindlela zobuchwepheshe be-SmartBlock zingasetshenziswa ukuvula isikrini senombolo yamadivayisi eselula:
- Ukuvula izigxivizo zeminwe
- Ukuvula ngobuso (ubuchwepheshe be-FaceID)
- Vula idivayisi ngokubonwa kwe-iris
Izindlela zomphakathi zokuvula idivayisi yeselula
Ngokungeziwe kwezobuchwepheshe kuphela, zikhona ezinye izindlela zokuthola noma zokunqoba i-PIN khodi noma ikhodi eyingcaca (iphethini) yokukhiya isikrini. Kwezinye izimo, izindlela zokuxhumana nabantu zingasebenza kangcono kunezixazululo zobuchwepheshe futhi zisize ukuvula amadivayisi anqotshwe ukuthuthukiswa kobuchwepheshe obukhona.
Lesi sigaba sizochaza izindlela zokuvula isikrini sedivayisi yeselula ezingadingi (noma ezidinga ukusetshenziswa okulinganiselwe, okuyingxenye) kwezindlela zobuchwepheshe.
Ukuze wenze ukuhlaselwa komphakathi, kuyadingeka ukutadisha i-psychology yomnikazi wedivayisi ekhiyiwe ngokujulile ngangokunokwenzeka, ukuqonda izimiso akhiqiza ngazo futhi alondoloze amaphasiwedi noma amaphethini ezithombe. Futhi, umcwaningi uzodinga iconsi lenhlanhla.
Uma usebenzisa izindlela ezihlobene nokuqagela iphasiwedi, kufanele kukhunjulwe ukuthi:
- Ukufaka amaphasiwedi ayishumi angalungile kumadivayisi eselula e-Apple kungase kubangele ukuthi idatha yomsebenzisi isulwe. Lokhu kuncike kuzilungiselelo zokuphepha umsebenzisi azimisile;
- kumadivayisi eselula asebenzisa uhlelo lokusebenza lwe-Android, ubuchwepheshe be-Root of Trust bungasetshenziswa, okuzoholela eqinisweni lokuthi ngemva kokufaka amaphasiwedi angalungile angu-30, idatha yomsebenzisi ngeke ifinyeleleke noma isulwe.
Indlela 1: cela iphasiwedi
Kungase kubonakale kungavamile, kodwa ungathola iphasiwedi yokuvula ngokumane ubuze umnikazi wedivayisi. Izibalo zibonisa ukuthi cishe u-70% wabanikazi bamadivayisi eselula bazimisele ukwabelana ngamaphasiwedi abo. Ikakhulukazi uma kuzofinyeza isikhathi socwaningo futhi, ngokufanelekile, umnikazi uzobuyisela idivayisi yakhe ngokushesha. Uma kungenakwenzeka ukubuza umnikazi iphasiwedi (isibonelo, umnikazi wedivayisi ushonile) noma enqaba ukuyidalula, iphasiwedi ingatholakala ezihlotsheni zakhe eziseduze. Njengomthetho, izihlobo ziyazi iphasiwedi noma zingaphakamisa izinketho ezingenzeka.
Izincomo zokuvikela: Iphasiwedi yefoni yakho ingukhiye osebenza yonke indawo kuyo yonke idatha, okuhlanganisa nedatha yokukhokha. Ukukhuluma, ukudlulisa, ukubhala ngezithunywa ezisheshayo kuwumbono omubi.
Indlela 2: bheka iphasiwedi
Iphasiwedi ingabhekwa ngesikhathi lapho umnikazi esebenzisa idivayisi. Ngisho noma ukhumbula iphasiwedi (uhlamvu noma umfanekiso) kancane kancane, lokhu kuzonciphisa kakhulu inani lezinketho ezingenzeka, okuzokuvumela ukuthi ukuqagele ngokushesha.
Okuhlukile kwale ndlela ukusetshenziswa kwezithombe ze-CCTV ezibonisa umnikazi evula idivayisi esebenzisa iphasiwedi yephethini [2]. I-algorithm echazwe emsebenzini othi “I-Cracking Android Pattern Lock in Five Imizamo” [2], ngokuhlaziya okurekhodiwe kwevidiyo, ikuvumela ukuthi uqagele izinketho zephasiwedi eyingcaca futhi uvule idivayisi ngemizamo eminingana (njengomthetho, lokhu akudingi okunye. imizamo engaphezu kwemihlanu). Ngokusho kwababhali, "lapho i-password eyimfihlo iyinkimbinkimbi, kuba lula ukuyicosha."
Izincomo zokuvikela: Ukusebenzisa ukhiye wesithombe akuwona umqondo ongcono kakhulu. Iphasiwedi ye-alphanumeric inzima kakhulu ukulunguza.
Indlela 3: thola iphasiwedi
Iphasiwedi ingatholakala kumarekhodi omnikazi wedivayisi (amafayela kukhompuyutha, idayari, ezicucu zephepha ezilele emibhalweni). Uma umuntu esebenzisa amadivaysi eselula amaningana ahlukene futhi enamagama ayimfihlo ahlukene, ngezinye izikhathi endaweni yebhethri yalawa madivayisi noma esikhaleni esiphakathi kwekesi le-smartphone nekesi, ungathola iziqephu zephepha ezinamaphasiwedi abhaliwe:
Izincomo zokuvikela: asikho isidingo sokugcina "incwajana" enamagama ayimfihlo. Lona umbono omubi, ngaphandle uma wonke lawa maphasiwedi aziwa njengangamanga ukuze kuncishiswe inani lemizamo yokuvula.
Indlela 4: izigxivizo zeminwe (Ukuhlasela kwe-Smudge)
Le ndlela ikuvumela ukuthi ubone iminonjana yezandla ezinamafutha omjuluko esibukweni sedivayisi. Ungazibona ngokuphatha isikrini sedivayisi ngempusha yezigxivizo zeminwe (esikhundleni sempushana ekhethekile, ungasebenzisa impushana yengane noma enye impushana engasebenzi ngamakhemikhali enombala omhlophe noma ompunga okhanyayo) noma ngokubheka isikrini idivayisi emisebeni ye-oblique yokukhanya. Ukuhlaziya ukuma okuhlobene kwezigxivizo zezandla nokuba nolwazi olwengeziwe mayelana nomnikazi wedivayisi (isibonelo, ukwazi unyaka wakhe wokuzalwa), ungazama ukuqagela umbhalo noma iphasiwedi eyingcaca. Nansi indlela ukunqwabelana kwamafutha omjuluko kubukeka kanjani kusibonisi se-smartphone ngendlela yohlamvu lwesitayela u-Z:
Izincomo zokuvikela: Njengoba sishilo, igama eliyimfihlo eliyimfihlo akuwona umqondo omuhle, njengezibuko ezine-oleophobic coating embi.
Indlela yesi-5: umunwe wokwenziwa
Uma idivayisi ingavulwa ngezigxivizo zeminwe, futhi umcwaningi enamasampuli wezigxivizo zesandla zomnikazi wedivayisi, ikhophi ye-3D yesigxivizo somunwe somnikazi ingenziwa kuphrinta ye-3D futhi isetshenziselwe ukuvula idivayisi [XNUMX]:
Ukuze uthole ukulingisa okuphelele komunwe womuntu ophilayo - isibonelo, lapho inzwa yezigxivizo zeminwe ye-smartphone isabona ukushisa - imodeli ye-3D ifakwa (incike ngokumelene) nomunwe womuntu ophilayo.
Umnikazi wedivayisi, ngisho noma ekhohlwa iphasiwedi yokukhiya isikrini, angakwazi ukuzivulela ngokwakhe idivayisi esebenzisa izigxivizo zeminwe zakhe. Lokhu kungasetshenziswa ezimeni ezithile lapho umnikazi engakwazi ukunikeza iphasiwedi kodwa ezimisele ukusiza umcwaningi ukuthi avule idivayisi yakhe noma kunjalo.
Umcwaningi kufanele akhumbule izizukulwane zezinzwa ezisetshenziswa kumamodeli ahlukahlukene wamadivayisi eselula. Amamodeli amadala ezinzwa angaqaliswa cishe yinoma yimuphi umunwe, hhayi umnikazi wedivayisi. Izinzwa zesimanje ze-ultrasonic, ngokuphambene nalokho, ziskena ngokujulile nangokucacile. Ngaphezu kwalokho, izinzwa eziningi zesimanje ezingaphansi kwesikrini zingamakhamera e-CMOS angakwazi ukuskena ukujula kwesithombe, okwenza kube lula kakhulu ukuwakhohlisa.
Izincomo zokuvikela: Uma umunwe, khona-ke inzwa ye-ultrasonic kuphela. Kodwa ungakhohlwa ukuthi ukubeka umunwe ngokumelene nentando yakho kulula kakhulu kunobuso.
Indlela 6: "jerk" (Ukuhlasela kweMug)
Le ndlela ichazwa ngamaphoyisa aseBrithani [4]. Iqukethe ukugadwa ngokucashile komsolwa. Ngesikhathi umsolwa evula ifoni yakhe, i-ejenti engagqokile ihlwitha ezandleni zomnikazi futhi ivimbele idivayisi ukuthi ingaphinde ivaliwe ize inikezwe ochwepheshe.
Izincomo zokuvikela: Ngicabanga ukuthi uma izinyathelo ezinjalo zizosetshenziswa ngokumelene nawe, khona-ke izinto zimbi. Kodwa lapha udinga ukuqonda ukuthi ukuvinjwa okungahleliwe kwehlisa le ndlela. Futhi, ngokwesibonelo, ngokucindezela ngokuphindaphindiwe inkinobho yokukhiya ku-iPhone yethula imodi ye-SOS, okuthi ngaphezu kwakho konke kuvale i-FaceID futhi idinga iphasikhodi.
Indlela 7: amaphutha kuma-algorithms okulawula idivayisi
Ezindabeni zokuphakelayo kwezinsiza ezikhethekile, ngokuvamile ungathola imilayezo esho ukuthi izenzo ezithile ngedivayisi zivula isikrini sayo. Isibonelo, isikrini sokukhiya samanye amadivayisi singavulwa ngekholi engenayo. Ukungalungi kwale ndlela ukuthi ubuthakathaka obuhlonziwe, njengomthetho, buqedwa ngokushesha ngabakhiqizi.
Isibonelo sendlela yokuvula yamadivayisi eselula akhishwe ngaphambi kuka-2016 ukudonsa kwebhethri. Uma ibhethri liphansi, idivayisi izovula futhi ikutshele ukuthi ushintshe izilungiselelo zamandla. Kulokhu, udinga ukuya ngokushesha ekhasini elinezilungiselelo zokuphepha futhi ukhubaze ukukhiya isikrini [5].
Izincomo zokuvikela: ungakhohlwa ukuvuselela i-OS yedivayisi yakho ngesikhathi, futhi uma ingasasekelwa, shintsha i-smartphone yakho.
Indlela yesi-8: Ukuba sengozini ezinhlelweni zezinkampani zangaphandle
Ubungozi obutholakala ezinhlelweni zezinkampani zangaphandle ezifakwe ocingweni bungahlinzeka ngokugcwele noma kancane ukufinyelela kudatha yedivayisi ekhiyiwe.
Isibonelo sobungozi obunjalo ukwebiwa kwedatha ku-iPhone ka-Jeff Bezos, umnikazi oyinhloko we-Amazon. Ukuba sengozini kwesithunywa se-WhatsApp, esaxhashazwa abantu abangaziwa, kwaholela ekwebiweni kwedatha eyimfihlo egcinwe kumemori yedivayisi [6].
Ubungozi obunjalo bungasetshenziswa abacwaningi ukufeza izinhloso zabo - ukukhipha idatha kumadivayisi akhiyiwe noma ukuwavula.
Izincomo zokuvikela: Akufanele ubuyekeze i-OS kuphela, kodwa nezinhlelo zokusebenza ozisebenzisayo.
Indlela 9: ifoni yenkampani
Amadivayisi eselula ezinkampani angavulwa ngabaphathi besistimu yenkampani. Isibonelo, amadivaysi e-Windows Phone ezinkampani axhunywe ku-akhawunti yenkampani ye-Microsoft Exchange futhi angavulwa ngabaphathi benkampani. Kumadivayisi ezinkampani ze-Apple, kunesevisi Yokuphathwa Kwedivayisi Ephathwayo efana ne-Microsoft Exchange. Abalawuli bayo bangakwazi futhi ukuvula idivayisi ye-iOS yebhizinisi. Ngaphezu kwalokho, amadivaysi eselula ezinkampani angamataniswa kuphela namakhompyutha athile acaciswe umlawuli kuzilungiselelo zedivayisi yeselula. Ngakho-ke, ngaphandle kokuxhumana nabaphathi besistimu yenkampani, idivayisi enjalo ayikwazi ukuxhunywa kukhompuyutha yomcwaningi (noma isofthiwe nesistimu yehadiwe ukuze kukhishwe idatha ye-forensic).
Izincomo zokuvikela: I-MDM yimbi futhi yinhle ngokwemibandela yokuvikela. Umlawuli we-MDM angahlala esetha kabusha idivayisi ekude. Kunoma ikuphi, akufanele ugcine idatha yomuntu siqu ebucayi kudivayisi yebhizinisi.
Indlela ye-10: ulwazi oluvela kuzinzwa
Ukuhlaziya ulwazi olutholwe kuzinzwa zedivayisi, ungaqagela iphasiwedi kudivayisi usebenzisa i-algorithm ekhethekile. U-Adam J. Aviv ubonise ukuthi kungenzeka ukuhlaselwa okunjalo kusetshenziswa idatha etholwe ku-accelerometer ye-smartphone. Phakathi nocwaningo, usosayensi ukwazile ukunquma kahle iphasiwedi engokomfanekiso ku-43% yamacala, kanye nephasiwedi ecacile - ku-73% [7].
Izincomo zokuvikela: Qaphela ukuthi yiziphi izinhlelo zokusebenza ozinikezayo imvume yokulandelela izinzwa ezihlukene.
Indlela 11: ukuvula ngobuso
Njengasendabeni yezigxivizo zeminwe, impumelelo yokuvula idivayisi kusetshenziswa ubuchwepheshe be-FaceID incike ekutheni yiziphi izinzwa nokuthi yiziphi izisetshenziswa zezibalo ezisetshenziswa kudivayisi ethile yeselula. Ngakho-ke, emsebenzini othi "Gezichtsherkenning op smartphone niet altijd veilig" [8], abacwaningi babonise ukuthi amanye ama-smartphones afundwayo avuliwe ngokumane abonise isithombe somnikazi ekhamera ye-smartphone. Lokhu kungenzeka uma kusetshenziswa ikhamera yangaphambili eyodwa kuphela ukuze kuvulwe, engenalo ikhono lokuskena idatha yokujula kwesithombe. AbakwaSamsung, ngemuva kochungechunge lokushicilelwa kwephrofayili ephezulu namavidiyo ku-YouTube, baphoqeleka ukuthi bangeze isexwayiso ku-firmware yama-smartphones abo. I-Face Unlock Samsung:
Amamodeli e-smartphone athuthuke kakhulu angavulwa kusetshenziswa imaski noma ukuzifundela kwedivayisi. Isibonelo, i-iPhone X isebenzisa ubuchwepheshe obukhethekile be-TrueDepth [9]: iprojektha yedivayisi, isebenzisa amakhamera amabili ne-infrared emitter, iphrojekthi igridi enamaphuzu angaphezu kuka-30 ebusweni bomnikazi. Umshini onjalo ungavulwa kusetshenziswa imaskhi emikhonto yayo ilingisa ubuso bomuntu owugqokile. Imaski yokuvula i-iPhone [000]:
Njengoba uhlelo olunjalo luyinkimbinkimbi kakhulu futhi alusebenzi ngaphansi kwezimo ezinhle (ukuguga kwemvelo komnikazi kwenzeka, izinguquko ekubunjweni kobuso ngenxa yokuvezwa kwemizwelo, ukukhathala, isimo sezempilo, njll.), kuphoqeleka ukuba uzifundele njalo. Ngakho-ke, uma omunye umuntu ebambe idivayisi evuliwe phambi kwakhe, ubuso bakhe buzokhunjulwa njengobuso bomnikazi wedivayisi futhi esikhathini esizayo uzokwazi ukuvula i-smartphone esebenzisa ubuchwepheshe be-FaceID.
Izincomo zokuvikela: ungasebenzisi ukuvula “ngesithombe” - kuphela amasistimu anezikena zobuso ezigcwele ngokugcwele (I-FaceID evela ku-Apple nama-analogue kumadivayisi we-Android).
Isincomo esikhulu ukuthi ungabheki ikhamera, vele ubheke eceleni. Ngisho noma uvala iso elilodwa, ithuba lokuvula lehla kakhulu, njengokuba khona kwezandla ebusweni. Ngaphezu kwalokho, kunikezwa imizamo emi-5 kuphela yokuvula ngobuso (FaceID), ngemva kwalokho uzodinga ukufaka iphasikhodi.
Indlela 12: Ukusebenzisa Ukuvuza
Imininingo egciniwe yamaphasiwedi aputshuziwe iyindlela enhle yokuqonda ukusebenza kwengqondo yomnikazi wedivayisi (kucatshangwa ukuthi umcwaningi unolwazi olumayelana namakheli e-imeyili omnikazi wedivayisi). Esibonelweni esingenhla, ukusesha ikheli le-imeyili kubuyise amaphasiwedi amabili afanayo asetshenziswe umnikazi. Kungacatshangwa ukuthi iphasiwedi engu-21454162 noma okuphuma kuyo (isibonelo, 2145 noma 4162) kungasetshenziswa njengekhodi yokukhiya idivayisi yeselula. (Ukusesha ikheli le-imeyili lomnikazi kuzigcinilwazi eziputshukile kuveza ukuthi yimaphi amagama ayimfihlo okungenzeka umnikazi uwasebenzisile, okuhlanganisa ukukhiya idivayisi yakhe yeselula.)
Izincomo zokuvikela: thatha isinyathelo ngokushesha, landelela idatha mayelana nokuvuza futhi ushintshe amaphasiwedi aqashelwe ekuvuzeni ngesikhathi!
Indlela 13: Amaphasiwedi okukhiya idivayisi ejwayelekile
Njengomthetho, akukho divayisi eyodwa yeselula ethathwa kumnikazi, kodwa eminingana. Ngokuvamile kuba nenqwaba yemishini enjalo. Kulesi simo, ungaqagela igama-mfihlo ledivayisi esengozini bese uzama ukulisebenzisa kwamanye ama-smartphone namathebulethi athathwe kumnikazi ofanayo.
Lapho kuhlaziywa idatha ekhishwe kumadivayisi eselula, idatha enjalo iboniswa ezinhlelweni ze-forensic (ngokuvamile ngisho nalapho kukhishwa idatha kumadivayisi akhiyiwe kusetshenziswa izinhlobo ezihlukahlukene zobungozi).
Njengoba ubona kusithombe-skrini sengxenye yewindi elisebenzayo lohlelo lwe-UFED Physical Analyzer, idivayisi ikhiywe ngekhodi ye-PIN ye-fgkl engavamile.
Ungawanaki amanye amadivaysi omsebenzisi. Isibonelo, ngokuhlaziya amagama ayimfihlo agcinwe kunqolobane yesiphequluli sewebhu sekhompuyutha yomnikazi wedivayisi yeselula, umuntu angaqonda izimiso zokukhiqiza iphasiwedi umnikazi abambelele kuzo. Ungabuka amaphasiwedi alondoloziwe kukhompyutha yakho usebenzisa insiza ye-NirSoft [11].
Futhi, kukhompuyutha (ikhompyutha ephathekayo) yomnikazi weselula, kungase kube namafayela e-Lockdown angasiza ekufinyeleleni idivayisi yeselula ye-Apple ekhiyiwe. Le ndlela kuzoxoxwa ngayo ngokulandelayo.
Izincomo zokuvikela: sebenzisa amagama ayimfihlo ahlukile, ahlukile yonke indawo.
Indlela 14: Ama-PIN Ajwayelekile
Njengoba kuphawuliwe ekuqaleni, abasebenzisi bavame ukusebenzisa amaphasiwedi ajwayelekile: izinombolo zocingo, amakhadi asebhange, amakhodi e-PIN. Ulwazi olunjalo lungasetshenziswa ukuvula idivayisi enikeziwe.
Uma konke kwehluleka, ungasebenzisa lolu lwazi olulandelayo: abacwaningi benze ukuhlaziya bathola amakhodi e-PIN aziwa kakhulu (amakhodi e-PIN anikeziwe amboza u-26,83% wawo wonke amagama ayimfihlo) [12]:
I-PIN
Imvamisa, %
1234
10,713
1111
6,016
0000
1,881
1212
1,197
7777
0,745
1004
0,616
2000
0,613
4444
0,526
2222
0,516
6969
0,512
9999
0,451
3333
0,419
5555
0,395
6666
0,391
1122
0,366
1313
0,304
8888
0,303
4321
0,293
2001
0,290
1010
0,285
Ukusebenzisa lolu hlu lwamakhodi e-PIN kudivayisi ekhiyiwe kuzoyivula ngamathuba angu-26%.
Izincomo zokuvikela: hlola iphinikhodi yakho ngokwethebula elingenhla futhi noma ingahambisani, yishintshe noma kunjalo, ngoba amadijithi angu-4 mancane kakhulu ngezindinganiso zika-2020.
Indlela 15: Amaphasiwedi ezithombe ezijwayelekile
Njengoba kuchazwe ngenhla, ukuba nedatha evela kumakhamera agadayo lapho umnikazi wedivayisi ezama ukuyivula, ungathatha iphethini yokuvula ngemizamo emihlanu. Ukwengeza, njengoba kunamakhodi ephinikhodi ejwayelekile, kunamaphethini ajwayelekile angasetshenziswa ukuvula amadivaysi eselula akhiyiwe [13, 14].
Amaphethini alula [14]:
Amaphethini obunzima obuphakathi [14]:
Amaphethini ayinkimbinkimbi [14]:
Uhlu lwamaphethini eshadi adume kakhulu ngokusho komcwaningi uJeremy Kirby [15].
3>2>5>8>7
1>4>5>6>9
1>4>7>8>9
3>2>1>4>5>6>9>8>7
1>4>7>8>9>6>3
1>2>3>5>7>8>9
3>5>6>8
1>5>4>2
2>6>5>3
4>8>7>5
5>9>8>6
7>4>1>2>3>5>9
1>4>7>5>3>6>9
1>2>3>5>7
3>2>1>4>7>8>9
3>2>1>4>7>8>9>6>5
3>2>1>5>9>8>7
1>4>7>5>9>6>3
7>4>1>5>9>6>3
3>6>9>5>1>4>7
7>4>1>5>3>6>9
5>6>3>2>1>4>7>8>9
5>8>9>6>3>2>1>4>7
7>4>1>2>3>6>9
1>4>8>6>3
1>5>4>6
2>4>1>5
7>4>1>2>3>6>5
Kwamanye amadivaysi eselula, ngaphezu kwekhodi yesithombe, i-PIN khodi eyengeziwe ingase isethwe. Kulesi simo, uma kungenakwenzeka ukuthola ikhodi yesithombe, umcwaningi angachofoza inkinobho Iphinikhodi eyengeziwe (i-PIN yesibili) ngemuva kokufaka ikhodi yesithombe engalungile bese uzama ukuthola i-PIN eyengeziwe.
Izincomo zokuvikela: Kungcono ukungasebenzisi okhiye bezithombe nhlobo.
Indlela ye-16: Amaphasiwedi e-Alphanumeric
Uma iphasiwedi ye-alphanumeric ingasetshenziswa kudivayisi, lapho-ke umnikazi angasebenzisa amaphasiwedi alandelayo njengekhodi yokukhiya [16]:
- 123456
- iphasiwedi
- 123456789
- 12345678
- 12345
- 111111
- 1234567
- ilanga
- qwerty
- Ngiyakuthanda
- princess
- admin
- wamukelekile
- 666666
- Abc123
- football
- 123123
- imonkey
- 654321
- ! @ # $% ^ & *
- charlie
- aa123456
- donald
- password1
- Qwerty123
Izincomo zokuvikela: sebenzisa kuphela amagama ayimfihlo ayinkimbinkimbi, ahlukile anezinhlamvu ezikhethekile namacala ahlukene. Hlola ukuthi ingabe usebenzisa eyodwa yamagama-mfihlo angenhla. Uma usebenzisa - yishintshe ibe ethembekile.
Indlela ye-17: ifu noma isitoreji sendawo
Uma kungenzeki ngokobuchwepheshe ukususa idatha kudivayisi ekhiyiwe, izigebengu zingakwazi ukusesha amakhophi ayo ayisipele kumakhompyutha omnikazi wedivayisi noma kusitoreji samafu esihambisanayo.
Imvamisa, abanikazi bama-smartphones e-Apple, lapho bewaxhuma kumakhompyutha abo, abaqapheli ukuthi ikhophi yesipele yendawo noma yamafu yedivayisi ingadalwa ngalesi sikhathi.
Isitoreji samafu se-Google ne-Apple asikwazi ukugcina idatha evela kumadivayisi kuphela, kodwa namaphasiwedi alondolozwe idivayisi. Ukukhipha lawa maphasiwedi kungasiza ekuqageleni ikhodi yokukhiya yedivayisi yeselula.
Ku-Keychain egcinwe ku-iCloud, ungakhipha iphasiwedi eyisipele yedivayisi esethwe umnikazi, okungenzeka kakhulu ifane nephinikhodi yokukhiya isikrini.
Uma abomthetho bephendukela ku-Google ne-Apple, izinkampani zingadlulisa idatha ekhona, okungenzeka yehlise kakhulu isidingo sokuvula idivayisi, njengoba abomthetho sebezoba nayo idatha.
Isibonelo, ngemva kokuhlasela kwamaphekula ePensocon, amakhophi edatha agcinwe ku-iCloud anikezwa i-FBI. Kusuka esitatimendeni sika-Apple:
“Emahoreni ambalwa ngemva kwesicelo sokuqala se-FBI, ngoDisemba 6, 2019, sinikeze ulwazi olubanzi oluhlobene nophenyo. Kusukela ngomhla ka-7 Disemba kuya ku-December 14, sithole izicelo zezomthetho ezengeziwe eziyisithupha futhi sanikeza ulwazi njengempendulo, okuhlanganisa izipele ze-iCloud, ulwazi lwe-akhawunti, kanye nokuthenga kwama-akhawunti amaningi.
Saphendula zonke izicelo ngokushesha, ngokuvamile phakathi namahora, sinikana imininingwane namahhovisi e-FBI e-Jacksonville, ePensacola, naseNew York. Ngokwesicelo sophenyo, kutholwe imininingwane eminingi, sayidlulisela kubaphenyi.” [17, 18, 19]
Izincomo zokuvikela: noma yini oyithumelayo ingabhaliwe efwini ingakwazi futhi izosetshenziswa ngokumelene nawe.
Indlela 18: I-akhawunti ye-Google
Le ndlela ifanele ukususa iphasiwedi eyingcaca ekhiya isikrini sedivayisi yeselula esebenzisa isistimu yokusebenza ye-Android. Ukuze usebenzise le ndlela, udinga ukwazi igama lomsebenzisi nephasiwedi ye-akhawunti ye-Google yomnikazi wedivayisi. Umbandela wesibili: idivayisi kufanele ixhunywe ku-inthanethi.
Uma ufaka ngokulandelanayo iphasiwedi yesithombe okungesona izikhathi ezimbalwa zilandelana, idivayisi izonikezela ngokusetha kabusha iphasiwedi. Ngemuva kwalokho, udinga ukungena ngemvume ku-akhawunti yomsebenzisi, ezovula isikrini sedivayisi [5].
Ngenxa yezixazululo ezihlukahlukene zezingxenyekazi zekhompuyutha, amasistimu okusebenza e-Android, nezilungiselelo ezengeziwe zokuphepha, le ndlela isebenza kuphela enanini lamadivayisi.
Uma umcwaningi engenayo iphasiwedi ye-akhawunti ye-Google yomnikazi wedivayisi, angazama ukuyithola esebenzisa izindlela ezijwayelekile zokuthola iphasiwedi zama-akhawunti anjalo.
Uma idivayisi ingaxhunyiwe ku-inthanethi ngesikhathi socwaningo (isibonelo, i-SIM khadi ivinjiwe noma ayikho imali eyanele kuyo), idivayisi enjalo ingaxhunywa ku-Wi-Fi kusetshenziswa le miyalelo elandelayo:
- cindezela isithonjana "Ikholi ephuthumayo"
- shayela *#*#7378423#*#*
- khetha Ukuhlolwa Kwesevisi - Wlan
- xhuma kunethiwekhi ye-Wi-Fi etholakalayo [5]
Izincomo zokuvikela: ungakhohlwa ukusebenzisa ukuqinisekiswa kwezinto ezimbili lapho kungenzeka khona, futhi kulokhu, kungcono ukuxhuma kuhlelo lokusebenza, hhayi kukhodi nge-SMS.
Indlela 19: i-akhawunti yesivakashi
Amadivayisi eselula asebenzisa i-Android 5 nangaphezulu angaba nama-akhawunti amaningi. Ulwazi olwengeziwe lwe-akhawunti angeke luvaliwe ngephinikhodi noma iphethini. Ukuze ushintshe, udinga ukuchofoza isithonjana se-akhawunti ekhoneni eliphezulu kwesokudla bese ukhetha enye i-akhawunti:
Nge-akhawunti eyengeziwe, ukufinyelela kwenye idatha noma izinhlelo zokusebenza kungase kube nomkhawulo.
Izincomo zokuvikela: kubalulekile ukuvuselela i-OS. Ezinguqulweni zanamuhla ze-Android (9 nangaphezulu neziqephu zokuphepha zikaJulayi 2020), i-akhawunti yesivakashi ngokuvamile ayinikezi noma yiziphi izinketho.
Indlela 20: izinsizakalo ezikhethekile
Izinkampani ezakha izinhlelo ezikhethekile zokuphenya amacala, phakathi kwezinye izinto, zinikeza izinsizakalo zokuvula amadivaysi eselula nokukhipha idatha kuwo [20, 21]. Amathuba ezinkonzo ezinjalo mahle nje. Angasetshenziselwa ukuvula amamodeli aphezulu wamadivayisi we-Android ne-iOS, kanye namadivayisi akumodi yokutakula (okufakwe idivayisi ngemva kokweqa inombolo yemizamo yokufaka iphasiwedi engalungile). Ububi bale ndlela yizindleko eziphezulu.
Ingcaphuno evela ekhasini lewebhu kuwebhusayithi ye-Cellebrite echaza ukuthi imaphi amadivayisi abangathola kuwo idatha. Idivayisi ingavulwa elabhorethri yonjiniyela (Isevisi Ethuthukisiwe ye-Cellebrite (CAS)) [20]:
Ngesevisi enjalo, idivayisi kufanele inikezwe ihhovisi lesifunda (noma inhloko) lenkampani. Ukuhamba kochwepheshe kukhasimende kungenzeka. Njengomthetho, ukwephula ikhodi yokukhiya isikrini kuthatha usuku olulodwa.
Izincomo zokuvikela: cishe akunakwenzeka ukuzivikela, ngaphandle kokusetshenziswa kwephasiwedi eqinile ye-alphanumeric kanye noshintsho lwaminyaka yonke lwamadivayisi.
Ochwepheshe be-PS Group-IB Laboratory bakhuluma ngalawa macala, amathuluzi nezinye izici eziningi eziwusizo emsebenzini wochwepheshe bezobunhloli bekhompyutha njengengxenye yesifundo sokuqeqesha. . Ngemuva kokuphothula izifundo zezinsuku ezi-5 noma ezinwetshiwe zezinsuku eziyi-7, abathweswe iziqu bazokwazi ukwenza ucwaningo lwe-forensic ngempumelelo futhi bavimbele izehlakalo ze-inthanethi ezinhlanganweni zabo.
Isenzo se-PPS mayelana nokuphepha kolwazi, izigebengu, i-APT, ukuhlaselwa kwe-inthanethi, abakhohlisi kanye nezigebengu. Uphenyo lwesinyathelo nesinyathelo, amacala angokoqobo asebenzisa ubuchwepheshe be-Group-IB nezincomo zokuthi ungabi yisisulu. Xhuma!
Imithombo
- Guixin Yey, Zhanyong Tang, Dingyi Fangy, Xiaojiang Cheny, Kwang Kimz, Ben Taylorx, Zheng Wang.
- Dominic Casciani, Gaetan Portal.
- Anatoly Alizar.
- UMaria Nefedova.
- Anton Makarov. Iphasiwedi yephethini ye-Bypass kumadivayisi we-Android
- UJeremy Kirby.
- U-Andrey Smirnov.
- UMaria Nefedova.
Source: www.habr.com