Apple devices running the latest version of iOS 10 may be at risk of data theft. Security researchers have discovered a brute-force method for bypassing the Activation Lock feature and gaining access to the homescreen of lost or stolen iPhones and iPads. And since the hack is easy to understand, even for a non-techie, you should act more responsibly and not leave your iOS devices unattended.
There seem to be a couple of iterations of this exploit, which vary depending on the version of iOS 10 your device is running. It was first spotted by Slash Secure’s Hemanth Joseph (a security researcher from Kerala), who was able to bypass the said feature on his iPad running iOS 10.1 back in October. He passed on info about the vulnerability to Apple, and it was reportedly addressed by the company in the iOS 10.1.1 update. But the vulnerability still seems to manifest on iOS devices.
Benjamin Kunz-Mejri, the founder of German security firm Vulnerability Lab, has successfully reproduced the hack on his iPad running the iOS 10.1.1 update.
But how does one follow through and gain access to an iOS 10 device via this vulnerability?
Well, the ‘Find My Phone’ feature allows the user to remotely activate Lost Mode on their Apple devices. This automatically enables the Activation Lock feature, which denies access without confirmation of the owner’s credentials via Apple ID. But the device requires an internet connection to confirm the identity. And this is where the hacker gets an option to connect to any Wi-Fi network to complete the process. Stop! This is where things spiral downwards!
The Wi-Fi network selection screen provides the user with the alternative to connect to ‘Other Networks’ as well. The hacker then selects this option and starts to tap random keyboard characters with the sole aim of populating the network name and password fields. Since Apple hasn’t limited the number of characters you can input, once you go past 10,000 characters in both fields, the device just freezes and stops responding.
Now, the next step is to put the device to sleep within the smart cover, but with the 10.1.1 update you might be required to do a couple of rotations and use Night Shift mode to break through the security. Though the homescreen popped up for just a second on Benjamin’s device, you could gain access to the device with a perfectly timed home button press.
This vulnerability, as suggested, could be fixed by limiting the number of characters the said text fields accept. And Apple has yet again missed implementing this simple fix.
We’ve contacted Apple for an update on the vulnerability and will update you once we hear from them.
1 comment
So all they get to see is the home screen? If so, this is not really a security issue, I believe. The main issue is surveillance; we need to secure our online private data after Snowden exposed their activities. He also suggests that we use encryption, that's why I got PureVPN to hide my real location.