cool hit counter Hackers claim to be able to brutally crack iPhones, Apple: it's not that simple_Intefrankly

Hackers claim to be able to brutally crack iPhones, Apple: it's not that simple

Text/Oriental Yilu

Recently, Matthew Hickey, co-founder of cybersecurity firm Hacker House, claimed to have discovered a new way to bypass iPhone and iPad passcode lock restrictions. The method requires connecting the iPhone to the computer via a Lightning cable and tapping out a code with the keyboard that will trigger an interrupt request that takes precedence over all other requests.

That is, an intending cracker can send successive different password requests in this context, so that the system will be too busy processing the requests to trigger the command to lock or delete data for a long time, allowing the attacker to make an unlimited number of password breaking attempts.

Hickey has now reported the vulnerability to Apple and says that it is not very difficult to find, so it may be noticed by others. Previous companies such as Cellebrite, which offered officials a way to unlock the San Bernardino shooter's iPhone, likely took advantage of the vulnerability.

But Apple said in a recent statement to the public that Hickey's claims were "based on the results of a faulty test". And after that Hickey posted a message in a tweet agreeing with Apple's statement and revising his previous statement, saying that the method may not be in the same condition as originally envisioned.

Hickey said not all PINs tested go to the Secure Enclave Processor, because of fast input and misdial conditions that make some PINs appear to be being tested but not actually sent, so they don't get counted. In short, it means that although long strings of passwords are sent to the phone, the phone actually only records a few.

Still, Apple has taken precautions by including a restricted mode in iOS 12, which is the ability to cut off the iPhone's connection to the computer via USB for one hour after a wrong password is entered, thus preventing iOS passwords from being brutally cracked by hackers.

In fact, going back further, in the Beta version of iOS 11.4, USB Restricted Mode has been set up for the purpose of improving security. In this mode, if you want to get data from your iOS device via USB, you must ensure that the device is unlocked. When the device is locked, a password needs to be entered after connection to establish a data connection.

This is certainly safer for the average user, but it amounts to another layer of barrier for official forensics. This was set up for GrayKey, the little box that claims to "crack everything on the iPhone". Its company, GrayShift, has been reluctant to reveal the cracking method, but Apple's setup this time will probably be able to cut off its cracking vulnerability at the root.

There has been no end to the so-called "cracks" about Apple. But the Apple system itself is closed, coupled with today's increasingly stringent controls in this area, Apple is taking action to tell all parties that it is "not that simple" to crack IOS.

1、InterviewWhat is Itu which has raised 380 million doing in the AI healthcare space
2、ExclusiveFei Li tells us himself leaving Google is fake news
3、Heavyweight Baidu open source distributed deep learning platform to challenge TensorFlow tutorial
4、Custom Unity container extensions UnityApplicationBlockEventBroker

    已推荐到看一看 和朋友分享想法
    最多200字,当前共 发送