Source: National Cyber Security – Produced By Gregory Evans
Devices that break into iPhones by brute-forcing passwords have been around since the iPhone was released, but iOS engineers developed countermeasures, including the latest: a nuclear option that wipes phone data if the wrong password is entered 10 times. But this clever (and insidious) $300 black-market IP Box has beaten that system by plugging directly into the phone, according to a post by security consultancy firm MDSec. The MDSec tinkerers believe that the IP Box gets around the auto-wipe by plugging into the lightning charging port and, if the password fails, instantly rebooting the phone before it can save that failed attempt into its flash memory. Perpetual rebooting extends the time it takes to find the right password to about 111 hours, but a wiped phone is far less useful to a potential hacker than one with user data intact. Below is the firm’s demonstration of the IP Box in action: MDSec used the IP Box to successfully crack phones running Apple iOS 8.1, and they will attempt to repeat the break-in on a phone running the latest iOS, 8.2, which was released weeks ago. MDSec theorizes that this method could be an automated exploit of a known issue, CVE-2014-4451, […]
For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com
The post Your iPhone And iPad Just Got Easier Than Ever To Hack appeared first on National Cyber Security.
View full post on National Cyber Security