Explore the intricacies of Apple's iCloud Keychain security in this revealing conference talk from HITB2017AMS. Delve into the various types of data synced and stored in iCloud, including contacts, calendars, notes, passwords, and credit card information. Discover how certain data, such as call logs, are transmitted to Apple servers even when syncing is disabled. Learn why two-factor authentication may not provide the level of protection users expect and how it can potentially make accessing sensitive information easier. Gain insights into data acquisition methods, cloud services, and the differences between backup and iCloud keychains. Examine iOS keychain protection classes, iTunes backup password breaking techniques, and the setup of two-factor authentication. Understand the arrow proxy architecture and SRP protocol used in iCloud security. Presented by Vladimir Katalov, CEO of ElcomSoft Co. Ltd., this 37-minute talk offers a comprehensive look at the vulnerabilities and complexities of Apple's cloud-based security systems. Read more