Discover the loophole a new iPhone for the

Source: gate Arab news technical

آيفون

Locked Apple a perpetual battle to keep hackers and pirates away from its organs, and try to protect those devices and make them safe, but it seems that one of the security researchers discovered a loophole that helped him bypass the passcode that protects any device powered by the operating system iOS iOS, including iPhone, computers, iPad tablets, outpacing the security mechanisms of your software the history behind the devices at risk of exploitation, through an attack of blind force.

For clarity, the attack of the blind, is a type of attack that depends on the ciphertext only, and through it try to workout all the symbols possible to decode the encrypted text, presumably the kind of attack that the organization is aware of the boards consultation as well as all the icons possible, the use of this type of attack in the former is difficult, but in the presence of computers it became easier.

And all devices iPhone computers iPad tablet with encryption, since the introduction of iOS 8 in 2014, and often protected by a pass code composed of four or six numbers, making it almost impossible to break into this hardware and software without the cooperation of the device owner, and in the case has been entered the wrong passcode many times, the device is wiped.

These security measures are the cornerstone of the privacy policy of Apple company in recent years, which has angered in turn, the law enforcement agencies that have adopted to be able to access data of the iPhone by introducing an infinite number of passcodes or claim of the company to obtain the information of the device, by knowing that Apple does not have access to the user’s pass code, so it is theoretically the owner of the device just to unlock the device.

Discover Matthew Hickey Matthew Hickey, a security researcher and co-founder of e-security the hacker house Hacker House recently way to bypass some of the security measures for Apple, which aims to prevent malicious actors from accessing the hardware, so that works attack even on devices running the latest version of iOS 11.3, and I heard no gaps to exceed the maximum allowed which is 10 times the introduction of the largest possible number of passcodes without having to destroy the existing data on the device.

Offers heck in a video clip posted over the internet how to process immigration status only to a locked Device Cable Lightning, so that when you connect your iPhone or computer, iPad Tablet hacker can use keyboard input to enter my guess the passcode instead of clicking on the numbers on the screen of the device, when this happens is run to request the county takes priority over everything else happening within the device.

Can the attacker create a huge chain of inputs and send them all at once, so that the system allows the iOS as soon as the endless variety of guesses without destroying the device’s data, and this type of attack is slow, requiring to enter a passcode between three to five seconds, which means that the attacker need a full hour to enter about 100 a passcode consisting of four digits, but it seems that it is effective even with iOS devices running the latest version 11.3.

This is the gap tool of value to government agencies and groups that work with law enforcement agencies in order to gain access to the iPhone’s encrypted, it is not yet clear whether the gap is already in use by devices such as GrayKey the user to decrypt the phones manufactured by Apple.

The attack becomes blind force less the value with the Apple TV version for the next system operating iOS 12 later this year, providing Apple’s new feature called restricted mode via USB, and once it arrives, you will work water on the restriction of USB access on iOS devices after the closure of the iPhone computer or iPad tablet for one hour, which makes the device a black box, if you hacked in 60 minutes.

Link to it from the source: the discovery of a new vulnerability know iPhone at risk

Leave a Reply

Your email address will not be published. Required fields are marked *