Security Researcher Finds Way to Brute Force Locked iPhone Running iOS 11

A security researcher has found a way to brute force a password on a current iOS device. In doing so, he was able to bypass the security mechanisms for iOS, thereby putting encrypted data at risk, according to ZDNet.

The Secure Enclave chip keeps a count of the number of times an incorrect passcode is entered and makes each further attempt progressively more difficult. If a user has enabled the option, the device in question is completely wiped after 10 failed attempts.

However, Matthew Hickey has found a way to bypass all these security measures from Apple, and all he needs is a Lightning cable and a device that is turned on. This works on all iPhones and iPads running iOS 11.4 or lower. He explains that when keyboard input is sent to an iPhone or iPad, it triggers an interrupt request that takes priority over any other action on the device.

A hacker needs to take advantage of this interrupt request and send one long string of inputs instead of sending one passcode at a time. An attacker can send all the passcodes in one go by enumerating each code from 0000 to 9999 in one string with no spaces. Because this doesn’t give the software any breaks, the keyboard input routine takes priority over the device’s data-erasing feature, he explained.

While Hickey’s hack can work with six-digit passcodes, it is extremely slow: it runs one passcode in about three to five seconds and takes about an hour to run over a hundred four-digit codes. It also might not survive USB Restricted Mode, which Apple is introducing with iOS 12 and which will essentially only allow an iOS device to be charged if it remains locked for more than an hour.
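
A defender-side model of the failure counter described above, as an added example that is not from ZDNet, Hickey or Apple: it records each guess before comparing it, so an unbroken stream of keystrokes is still charged one attempt per candidate. The class and method names are hypothetical, the input stream is constructed, and escalating delays are left out.

```python
import hashlib
import hmac

WIPE_AFTER = 10  # from the article: optional wipe after 10 failed attempts


class AttemptLimiter:
    """Toy model of a passcode limiter (assumption: not Apple's design)."""

    def __init__(self, passcode: str, wipe_after: int = WIPE_AFTER):
        self._digest = hashlib.sha256(passcode.encode()).digest()
        self._length = len(passcode)
        self.failed = 0        # stands in for a counter in tamper-resistant storage
        self.wiped = False
        self.wipe_after = wipe_after

    def try_code(self, candidate: str) -> bool:
        if self.wiped:
            return False
        # Commit the attempt BEFORE verifying, so work that preempts the
        # comparison (for example a flood of input) cannot leave a guess uncounted.
        self.failed += 1
        guess = hashlib.sha256(candidate.encode()).digest()
        if hmac.compare_digest(guess, self._digest):
            self.failed = 0
            return True
        if self.failed >= self.wipe_after:
            self.wiped = True
            self._digest = b""  # model of erasing the key material
        return False

    def feed_stream(self, keys: str) -> int:
        """Split an unbroken key stream into passcode-sized candidates and
        return how many were evaluated before unlock, wipe or end of input."""
        evaluated = 0
        for i in range(0, len(keys) - self._length + 1, self._length):
            if self.wiped:
                break
            evaluated += 1
            if self.try_code(keys[i:i + self._length]):
                break
        return evaluated


if __name__ == "__main__":
    limiter = AttemptLimiter("4821")                   # constructed passcode
    stream = "".join(f"{n:04d}" for n in range(12))    # constructed: 12 wrong guesses
    print(limiter.feed_stream(stream), limiter.wiped)
```
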

When security holes are discovered in iOS, Apple’s been relatively quick at finding a fix. Unfortunately, it doesn’t take long before something else is uncovered. Just this month, for example, it was reported that Apple was closing a loophole that allowed law enforcement and hackers to crack iPhones. No doubt, a new workaround will soon be perfected.

