This tiny box uses brute force to bypass the passcode on your iPhone

With almost every iteration of iOS, Apple has made it even more difficult to bypass a passcode lock. But the tiny box you see above is able to use brute force to bypass a passcode and gain entry to a locked iOS device while keeping its data intact.

The device is called an IP Box, according to MDSec, and it’s being used by gadget repairers to gain access to locked iPhones, iPads, and iPods when users forget their passcodes. It costs around £200 ($294), but of course, it’ll pay for itself over time.

“This obviously has huge security implications and naturally it was something we wanted to investigate and validate,” MDSec reports.

After its investigation, MDSec found the way in which the IP Box worked was simple: It tried every PIN combination possibly in quick succession until it eventually reached the right one. That means it could take around 111 hours to complete the process.

By connecting directly to an iOS device’s power source, it’s able to quickly cut off the power supply after every failed PIN attempt — before the device is able to record it as a failed attempt. Here’s an example of how it works on an iPhone 5s running iOS 8.1:

“We plan to test the same attack on an 8.2 device and will update with our progress,” MDSec says. “In the mean time, our advice to all is ensure you have a sufficiently complex password applied to your device rather than a PIN.”

We’ll be keeping an eye on MDSec’s investigations with the IP Box, and we’ll be sure to let you know how they get on with iOS 8.2.

What do you think ?



blog comments powered by Disqus
Octofinder Blog Catalog