A USB-based vulnerability that allows for the brute forcing of a passcode on an iOS device has been discovered by security researcher Matthew Hickey, reports ZDNet.
The method, which bypasses the 10-entry attempt that erases an iOS device when the setting is enabled, allows a hacker to plug an iPhone or iPad into a computer and send all passcodes, from 0000 to 9999, all at once, triggering an input routine that takes priority over anything else on the device. Hickey demos the hack in the video below.
Hickey's iPhone cracking method takes between three and five seconds for each four-digit passcode, which means it's slow and not as advanced as other passcode cracking methods employed by companies like Grayshift, which makes the GrayKey box. For this method to guess a six-digit passcode, Hickey says it would take weeks.
Apple in iOS 12 is introducing a new USB Restricted Mode that may put a stop to the vulnerability that Hickey has discovered, as well as vulnerabilities exploited by tools like the GrayKey Box.
With USB Restricted Mode, enabled by default on iOS devices running iOS 12, USB access to an iPhone or iPad is cut off if it's been more than an hour since the device was last unlocked.
That means computers and other accessories can't be used to access a locked iPhone if it's been locked for over an hour, disabling access via a USB to Lightning cable.
Update: In a statement obtained by iMore, Apple says "the recent report about a passcode bypass on iPhone was in error, and a result of incorrect testing."
The method, which bypasses the 10-entry attempt that erases an iOS device when the setting is enabled, allows a hacker to plug an iPhone or iPad into a computer and send all passcodes, from 0000 to 9999, all at once, triggering an input routine that takes priority over anything else on the device. Hickey demos the hack in the video below.
"Instead of sending passcodes one at a time and waiting, send them all in one go," he said.All that's required to use this brute force password cracking method is an iPhone or iPad that's turned on and locked and a Lightning cable, according to Hickey. It works on iOS devices up to iOS 11.3.
"If you send your brute-force attack in one long string of inputs, it'll process all of them, and bypass the erase data feature," he explained.
Hickey's iPhone cracking method takes between three and five seconds for each four-digit passcode, which means it's slow and not as advanced as other passcode cracking methods employed by companies like Grayshift, which makes the GrayKey box. For this method to guess a six-digit passcode, Hickey says it would take weeks.
Apple in iOS 12 is introducing a new USB Restricted Mode that may put a stop to the vulnerability that Hickey has discovered, as well as vulnerabilities exploited by tools like the GrayKey Box.
With USB Restricted Mode, enabled by default on iOS devices running iOS 12, USB access to an iPhone or iPad is cut off if it's been more than an hour since the device was last unlocked.
That means computers and other accessories can't be used to access a locked iPhone if it's been locked for over an hour, disabling access via a USB to Lightning cable.
Update: In a statement obtained by iMore, Apple says "the recent report about a passcode bypass on iPhone was in error, and a result of incorrect testing."
64 comments
Apple today shared a new trailer for its upcoming "Snoopy in Space" show that's coming to Apple TV+ this fall. As Deadline points out, the release of new trailer has been timed to...
Apple this morning released the fourth beta of iOS 13 for developers, introducing bug fixes and adding and refining iOS 13 features.
Now that we're into the fourth beta, changes and updates...
A security vulnerability in the Bluetooth communication protocol has the potential to allow malicious actors to track and identify devices from Apple and Microsoft, according to new research from...
Apple is renewing its "Carpool Karaoke: The Series" show for a third season, Apple announced on YouTube today via James Corden's YouTube channel. The new season is already in production...
Apple today seeded the fourth betas of iOS 13 and iPadOS to developers for testing purposes, two weeks after releasing the third betas and more than a month after unveiling the new operating system...
The Information's Wayne Ma has published an interesting story about the measures Apple takes to prevent leaks of unreleased products like iPhones from emerging out of factories within its Asian...
Today is World Emoji Day, and in celebration of emojis, Adobe released its 2019 Emoji Trend Report, giving us some insight into the most popular emoji characters that people are using. For its...
Apple has asked one of its manufacturing partners to ready components for use in rear Time-of-Flight (ToF) camera lenses said to be coming to next year's iPhone lineup, according to DigiTimes.
...
