A pirate discovers a new and easy way to bypass the password on iPhone

ios 12 - iPhone X

Become passwords to a large extent the security system the favorite of most iPhone users. Even in the presence of solutions to biometric more advanced, like Face ID, the absolute comfort and access to four-digit or six or even more make passwords a security system backed up perfect. The way that the system works this security system iOS is simple, but efficient because you get a total of 10 attempts to enter the password. If you exhausted all these attempts will wipe the data automatically for protection. Is track The number of attempts to input by a special chip called the ” Secure Enclave“, which makes it pretty impossible to disable this system or download it directly. An additional measure for brute force, for each entry a consecutive processing time a little longer.

Now it’s time for magic. The way it works is that the attack is by attaching an input device an external device to iPhone. This keeps keyboard, to be exact. Discover the pirate, Matthew Hickey, that instead of the introduction of the words are one after the other and then waiting for control of your health, you can actually create all combinations in a long series of inputs without any spaces and send it to your phone. Apparently, will continue to be iOS trying to process all the numbers. The other part of the trick of the fact that the keyboard entries have priority over a command to clear data. So, in fact, still chip’s ” Secure Enclave ” count your attempts, but can not perform the actual scan before ending the phone from processing the input. This means that if you create all the odds possible, will in the end open the phone and cancel the wipe command.

Process usually takes address password consisting of four numbers between three to five seconds. This means that there is a test 100 combination only during the hours with the knowledge that there are a large number of possibilities that should be lose. Increasing difficulty with passwords consisting of six digits is the default length for passwords is now on the iOS system. It is interesting to see that a brute force attack has been successfully implemented even on iOS 11.3.

However, the Apple is no longer oblivious to such security vulnerabilities, because this is far from the only method to deal on the safety of iPhone. The companies, such as Grayshift already created devices to hack into iPhones through the exploitation of such vulnerabilities. To combat this, they added a new mode for iOS 12 supports the USB ” Restricted Mode “. This situation prevents the use of a separate Lightning listen with other devices if it doesn’t open the phone for more than an hour. This makes the use of methods, such as brute force method, which used the pirate Hickey more difficult, but certainly that doesn’t mean impossible.

The post Corsair discovers new and easy way to bypass the password on iPhone appeared first on electronic.

Leave a Reply

Your email address will not be published. Required fields are marked *