Security researcher and co-founder of cyber security firm Hacker House, Matt Hickey, said an attacker would be able to bypass iPhone protections by sending a stream of all possible passcode combinations to the device to trigger an interrupt request.
He said that once triggered, the interrupt request takes precedence over other operations, enabling an attacker to bypass Apple’s safeguards.
Since iOS 8, these safeguards have included enforced delays between incorrect passcode entries and an option to wipe data after 10 failed log-in attempts.
“If you send your brute-force attack in one long string of inputs, it’ll process all of them, and bypass the erase data feature,” Hickey told ZDNet.
Apple responded by saying that Hickey’s claims are erroneous. “The recent report about a passcode bypass on iPhone was in error, and a result of incorrect testing,” the company said in a statement to AppleInsider.
Hickey then backtracked from his original claims, tweeting: “It seems @i0n1c [Stefan Esser] may be right, the pins don’t always go to the SEP in some instances (due to pocket dialing/overly fast inputs), so although it ‘looks’ like pins are being tested, they aren’t always sent and so they don’t count, the devices register less counts than visible @Apple.”
He subsequently tweeted: “Updated with comments from Apple and reviewing @i0n1c remarks about the inputs not actually being recognised on the device. Sorry to get your hopes up.”
“I went back to double check all code and testing. When I sent codes to the phone, it appears that 20 or more are entered, but in reality it’s only ever sending four or five pins to be checked,” he told ZDNet.
Apple is reportedly working to block all USB-related iPhone and iPad exploits with a software update towards the end of the year.
The planned update, called iOS 12, includes a new USB Restricted Mode that disables hardwired USB data connections if a correct passcode is not provided after a predetermined time period.
According to Apple, the feature will disrupt unwarranted iPhone access by hackers and governments.