Security researchers have discovered a couple of different ways to bypass Apple’s Activation Lock.
The researchers discovered two different exploits, one affecting iOS 10.1 and the other affecting devices running iOS 10.1.1, that could allow attackers to break the Activation Lock on Apple devices, a feature that normally makes it nearly impossible for someone to wipe and set up a device that they don’t own. Along with features like Find My iPhone, Activation Lock is one of the many security features present in Apple devices. In fact, Apple’s deterrents may be a reason why phone thefts have been sharply declining.
That is why a workaround for any of those measures is understandably pretty worrying to security professionals.
The iOS 10.1 bug was first discovered by Hemanth Joseph, a security researcher based out of Kerala, India. He discovered that choosing the “other network” Wi-Fi option and inputting thousands of characters into the passkey field would freeze the device. He then devised a way, using Apple’s Smart Cover and some precise timing, to make the startup wizard fail and go straight to the device’s home screen. Joseph used the exploit on a locked iPad he bought from eBay, and demonstrated it in a Google Drive video.
The second exploit — this one affecting devices with iOS 10.1.1 installed — was recently discovered by security researchers at Vulnerability Lab. It uses a method similar to Joseph’s, but relies on rotating the device while it’s overwhelmed with data to get the home screen to appear.
In the Vulnerability Lab video, the home screen only flashes for a second, so it’s currently unknown whether the exploits pose any real danger. But Benjamin Kunz-Mejri, one of the organization’s cofounders, said that access to the home screen can be maintained by quickly pressing the power button, according to Security Week.
Luckily, the exploit first found by Joseph appears to have been patched by Apple in a Nov. 16 iOS update. The second exploit is still fair game, but Apple might remedy the bug when iOS 10.2 finally drops, Forbes reported.