Wednesday, 18 March 2015

IP Box Can Lock Screen iPhones Brute forcing

Researchers have discovered a device that makes it possible to brute forcing the lock screen of iPhones and iPads. IP Box, as the device is called, would be used by telephone repairmen to bypass the screen lock of iOS. "This obviously has major implications for the safety and of course was something that we wanted to investigate and validate" said researchers MDSec .

They did eventually get to 200 pounds one of the devices. The IP Box appears to simulate via the USB connection to enter the PIN and also tries all possible pin combinations. According to the researchers, this has been known, but the device also works if the option is enabled to delete the data after 10 attempts.

"Our initial analysis indicates that the IP Box to circumvent the restrictions by making direct with the power of the iPhone connection and aggressively to break the flow after each unsuccessful PIN, but before the attempt is synchronized in the Flash memory." Entering a PIN would therefore take about 40 seconds. A four-digit PIN can therefore be outdated in some 111 hours.

The attack has been tested on iOS 8.1. An attack on iOS 8.2 will follow. The research would show that it is possible to have a leak was discovered last year, but this has yet to be confirmed. The researchers made ​​the following video on YouTube in which the device and the attack will be demonstrated.

No comments:

Post a Comment