Possible to Bypass iPhone, iPad Lock

Monday, December 5, 2016 @ 01:12 PM gHale

A vulnerability can be leveraged to gain access to the home screen of locked iPhones and iPads, a researcher said.

The Find My iPhone service allows users to activate Lost Mode on their iPhone, iPad or iPod if the device is lost or stolen. When a user activates Lost Mode, it automatically enables Activation Lock, a feature that prevents reactivation of the device without the legitimate owner’s permission.

The flaw was discovered by India-based security enthusiast Hemant Joseph, who started analyzing the Activation Lock feature after purchasing a locked iPad from eBay.

One method starts at the welcome screen: when a locked device starts, users are asked to connect to a Wi-Fi network. If the “Other Network” option is selected, the user must enter the name of the network and choose a security protocol (e.g. WEP, WPA2, etc.). Depending on the protocol, a username and/or a password must also be entered.

The problem, as Joseph found, is that there is no limit on the number of characters that can be entered into the name, username and password fields. By entering very long strings into these fields, an attacker can trigger a crash that exposes the device’s home screen.

Another way to break into the device involves Apple’s iPad smart cases, which cause the device to wake or sleep when the case is opened or closed.

“If we lock the screen using a magnetic smartcase and unlock it by opening the case it will show the same old screen thereby sending the req again.

“Here I followed the steps again until my iPad froze and locked it using the Smart Case and then unlocked the iPad by opening the case and waited a bit.

“After 20-25 seconds the Add Wifi Connection Screen Crashed to the iPad Home screen. Thereby bypassing the so-called Find My iPhone Activation Lock,” Joseph said.

Apple is aware of the situation and is in the process of working on a solution.


