Whether you don’t want your significant other to check your phone when you’re in the bathroom (assuming you don’t take your phone everywhere you go) or you want to make sure your data remains secure if your iPhone gets stolen, using a passcode is the best thing to do, right?
After all, it does ensure that no one can gain access to your phone’s contents unless they know the passcode; and with all the possible combinations, it won’t be easy to get the code right in 10 attempts, after which the data will be erased.
WRONG.
MDSec has acquired a device available in the market called IP Box, which can “guess” your iPhone passcode by brute force. They say that the device cost them “only” GBP200, which is actually cheap for unscrupulous people who make a living out of stolen iPhones.
According to MDSec, they tested the IP Box on and iPhone 5S running iOS 8.1.
The essentials:
- the IP Box simulates PIN entry via USB connection
- the PIN is entered sequentially until the correct combination is found
- the IP Box circumvents the “data erase” function after 10 attempts by “connecting directly to the iPhone’s power source and aggressively cutting the power after each failed PIN attempt, but before the attempt has been synchronized to flash memory”
- it takes about 111 hours to get the right PIN via this method.
Here is the video of MDSec’s test, which proved to be successful.
Think about the implications! With this device, even your iPhone passcode does not provide assurance anymore.
However, I think that Apple will find a way to stop IP Box and other such devices. What do you think?
One thought on “IP Box Device Can “Bypass” iPhone Passcode by Brute Force”
Wow!! And yes I believe we as a planet as nations as humans, the mass majority have no idea what their devices entail, and what our beautiful ever growing minds are capable of. Tech evolves way quicker than we do, we are babies compared to what we have out there running our daily lives . Majority have no idea what they have in their homes in their hands /pockets.. and last but not lease what this new generation of young adults and the ones after are going to be able to do and learn so quickly – so quickly that we as law enforcers and parents and governments and people won’t be able to keep up let alone keep safe . We need a group growing just as fast in form of groups law makers and tech creators to band together like the hackers do and put as much effort and time into our safety as the hakers put into their hacking .. which is — 24/7!