Apple Researcher’s iPhone Passcode Hack Findings Were Incorrect

in apple •  6 years ago 


Yesterday, we reported something that troubled Apple users. However, we now have good news for them. The supposed iPhone passcode hack demonstrated by a researcher was nothing but ‘wrong testing’ claimed by Apple. It means your iPhone passcodes are still safe.

Apple Claims The Alleged iPhone Passcode Hack Was Wrong Testing


The news about iPhone passcode hack discovered by a security researcher Matthew Hickey recently flooded the Internet. He demonstrated in a video that Apple has an ‘erase data’ UI glitch due to which anyone can crack the iPhone passcode. According to him, sending in a long string of passcodes without breaks will confuse the iOS software as a single attempt. Thus, it will override the erase data feature that wipes the device after multiple attempts of inputting wrong passcodes.

However, right after his video surfaced online, Apple, as well as many other researchers were taking notice. People were skeptical about his conclusions and the testing method. Will Strafach, CEO Sudo Security Group, said in his tweet,

https://twitter.com/chronic/status/1010292033670479872

Stefan Esser, a German security researcher and the CEO of Antid0te, also expressed his observation in his tweet.

https://twitter.com/i0n1c/status/1010279259376640005

Eventually, Apple confirmed in a statement to Apple Insider, that the so-called hack was nothing but ‘incorrect testing’.

“The recent report about a passcode bypass on iPhone was in error, and a result of incorrect testing.”
It was revealed that the software simply ‘shows’ as if the passcodes are being tested after receiving a long string input. But, as explained by Stefan Esser, the device simply ignores all other codes after a testing a few initially. And, it will continue to do so until the string is broken. And, as we know, after the break, the input will be the second attempt. Thus, there seems to be no erase-data glitch as reported by Hickey.

Researcher Confesses an Incorrect Observation

Matthew Hickey accepts incorrect findings. After discussion with other security researchers (as evident from his Twitter account), he eventually reached a conclusion, about which he tweeted later on.

https://twitter.com/hackerfantastic/status/1010631766087032832

He also said ‘sorry’ to the people in another tweet.

https://twitter.com/hackerfantastic/status/1010699899682213888

Although Hickey’s findings didn’t prove fruitful (for hackers), he succeeded in alerting the security team at Apple who did take serious notice of the potential flaw and responded accordingly.


Posted from my blog with SteemPress : https://latesthackingnews.com/2018/06/25/apple-researchers-iphone-passcode-hack-findings-were-incorrect/

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!