A USB-based vulnerability that allows for the brute forcing of a passcode on an iOS device has been discovered by security researcher Matthew Hickey, reports ZDNet.
The method, which bypasses the 10-entry attempt that erases an iOS device when the setting is enabled, allows a hacker to plug an iPhone or iPad into a computer and send all passcodes, from 0000 to 9999, all at once, triggering an input routine that takes priority over anything else on the device. Hickey demos the hack in the video below.
Hickey's iPhone cracking method takes between three and five seconds for each four-digit passcode, which means it's slow and not as advanced as other passcode cracking methods employed by companies like Grayshift, which makes the GrayKey box. For this method to guess a six-digit passcode, Hickey says it would take weeks.
Apple in iOS 12 is introducing a new USB Restricted Mode that may put a stop to the vulnerability that Hickey has discovered, as well as vulnerabilities exploited by tools like the GrayKey Box.
With USB Restricted Mode, enabled by default on iOS devices running iOS 12, USB access to an iPhone or iPad is cut off if it's been more than an hour since the device was last unlocked.
That means computers and other accessories can't be used to access a locked iPhone if it's been locked for over an hour, disabling access via a USB to Lightning cable.
Update: In a statement obtained by iMore, Apple says "the recent report about a passcode bypass on iPhone was in error, and a result of incorrect testing."
The method, which bypasses the 10-entry attempt that erases an iOS device when the setting is enabled, allows a hacker to plug an iPhone or iPad into a computer and send all passcodes, from 0000 to 9999, all at once, triggering an input routine that takes priority over anything else on the device. Hickey demos the hack in the video below.
"Instead of sending passcodes one at a time and waiting, send them all in one go," he said.All that's required to use this brute force password cracking method is an iPhone or iPad that's turned on and locked and a Lightning cable, according to Hickey. It works on iOS devices up to iOS 11.3.
"If you send your brute-force attack in one long string of inputs, it'll process all of them, and bypass the erase data feature," he explained.
Hickey's iPhone cracking method takes between three and five seconds for each four-digit passcode, which means it's slow and not as advanced as other passcode cracking methods employed by companies like Grayshift, which makes the GrayKey box. For this method to guess a six-digit passcode, Hickey says it would take weeks.
Apple in iOS 12 is introducing a new USB Restricted Mode that may put a stop to the vulnerability that Hickey has discovered, as well as vulnerabilities exploited by tools like the GrayKey Box.
With USB Restricted Mode, enabled by default on iOS devices running iOS 12, USB access to an iPhone or iPad is cut off if it's been more than an hour since the device was last unlocked.
That means computers and other accessories can't be used to access a locked iPhone if it's been locked for over an hour, disabling access via a USB to Lightning cable.
Update: In a statement obtained by iMore, Apple says "the recent report about a passcode bypass on iPhone was in error, and a result of incorrect testing."
64 comments
Apple today seeded the third beta of an upcoming iOS 12.3 update to developers, two weeks after releasing the second beta and a month after the launch of iOS 12.2, an update that introduced Apple...
The Wall Street Journal reports that Samsung has delayed its launch of the Galaxy Fold until "at least next month" after multiple review units experienced sudden display failures while being...
iOS 13 will enable developers to integrate Siri into their apps for several new use cases, including media playback, search, voice calling, event ticketing, message attachments, flights, train trips,...
Today is Earth Day, an annual event celebrated around the world that brings attention to various environmental causes. Apple is taking part in the event in a variety of ways, from green Apple logos...
Sony today announced that some of its upcoming smart TVs will support AirPlay 2 and HomeKit in summer 2019, including its A9G series of 4K OLED TVs, Z9G series of 8K LED TVs, and X950G series of 4K...
2020 iPhones will support 5G networks, with chipmaker Qualcomm likely to be one of two 5G modem suppliers for the devices after settling its high-profile legal battle with Apple last week, according...
American department store JCPenney has quietly removed support for Apple Pay from its retail stores, it has emerged.
The withdrawal of support for Apple's digital payment system was...
SlashLeaks posts an image that is alleged to be iPhone XI and XI Max molds for 3rd party case production.
These physical molds are presumably produced by case manufacturers based on leaked...
