Despite the efforts made by Apple to protect its systems and devices from breaches and hackers, but from time to time a veteran hacker can penetrate the fortified defenses. Which proves that the challenge against Apple and its protection system will remain until the end. We mentioned in news on the sidelines, for example, that a hacker was able to jailbreak the iOS 12 beta. Today, a hacker does a dangerous trick by which he can exceed the maximum limit for entering the password to unlock the iPhone! How was this done?
It is known that Apple only allows ten wrong attempts to enter the password to unlock the iPhone-lock, then after those failed attempts the system automatically wipes all the contents that are on it forever (if you choose this command from the settings) or stop the iPhone for very long periods of up to tens The years
This security measure is among the security rules and privacy protection that Apple has established in its systems. The truth is that this issue exhausted and angered security forces around the world, especially the US Federal Investigation Department, as they want to access the contents of the suspects' or accused's phones, and this is only done by entering the password endlessly so that they can unlock the phone without any restrictions. However, Apple and other companies prevented that and set limits for entering passwords. ”Even Apple itself does not have access to the user’s passcode, and only the owner of the device can unlock his device. That is why these companies resorted to expensive devices to be able to unlock the phone, and from these devices that we talked about in previous articles GrayKey device.
Matthew Hickey, a security researcher and co-founder of cybersecurity company Hacker House, has uncovered a potential way to bypass the security limits allowed for the number of times an iPhone unlock code is entered, allowing him to enter the largest number of passcodes even on recent versions like iOS 11.4 so you can Unlock the iPhone.
In order to do this, Hickey used an external keyboard only and used it to type in the password instead of the keyboard on the iPhone screen. Thus, you can enter as many passwords as you want, without a maximum limit, to be able to unlock the device.
You can watch the video
It seems that this method works, but it is not of a huge risk because the input is slow and the sites estimated that you can try 100 passwords per hour, for example, but in the end the method works and may be very dangerous because there are many users who did not update to iOS 11.4 because they are waiting for the jailbreak. But certainly Apple will close this loophole, or indeed close it, because it appears in the video that the hacker is running on a system 11.3, so perhaps its vulnerability was closed in 11.4. In general, rest assured, and in iOS 12, you will get a new protection layer, which is to prevent connection to USB devices if more than an hour has passed since the last use of the device.
Are you worried about vulnerabilities appearing in iOS? What do you think of this vulnerability to bypass the maximum password experiment?
Sources:
20 comment