The defense against brute-force attacks on iPhone backups was bolstered with a new software release.
According to security researcher Graham Cluley, a regular contributor to Tripwire blog The State of Security, after a Russian security firm detected that local backups of users' password-protected iTunes files were susceptible to brute-force attacks on iOS 10 at a rate that was 2,500 times faster to crack than on the previous generation OS, Apple issued iOS 10.1 to address the issue.
It wasn't the device itself that was being cracked, Cluley emphasized, but local backups of iOS devices – whether iPhone or iPad – so attackers needed to go after computers on which backups were stored.
The beta of iOS 10.2 has even more stringent password protections, Cluley wrote. These include encryption of the backup database and stronger demands for validation of user passwords.