Researchers bypass Apple Activation Lock on iOS 10.1.1

Researchers bypass Apple Activation Lock on iOS 10.1.1
Activation Lock is an iOS feature that everyone hopes they won't have to use. It was introduced with iOS 7 and it allows users to remotely lock their device, in case it's stolen or misplaced. If someone wants to use the device afterwards, they will have to connect it to a Wi-Fi network and provide the Apple ID and password that were used to lock it.

Back in October, Hemanth Joseph, a security researcher, managed to crack through Activation Lock on an iPad by entering extremely long strings of characters in all fields of the Wi-Fi setup. This made iOS freeze and, when combined with opening and closing of the iPad's Smart Cover, gave Joseph access to the device's home screen.

Allegedly, the loophole was later fixed by Apple with the release of iOS 10.1.1, but another researcher proved otherwise. Benjamin Kunz Mejri of Vulnerability Lab managed to recreate the issue by tweaking the method a little bit. In addition to using the Smart Cover, he utilized screen rotation to achieve the same effect – gaining access to the home screen.



This exploit gave Benjamin only a brief view of the home screen, but he claims that it can be prolonged by clicking the home button in that small window of time. Therefore, the Activation Lock can still be bypassed with relative ease.

In the meantime, we here at PhoneArena hope that we won't need to use Activation Lock anytime soon.

PhoneArena is on Instagram. Follow us to stay updated with fresh news and flashy media from the world of mobile!

source: Vulnerability Lab via AppleInsider

FEATURED VIDEO

7 Comments

1. RoboticEngi

Posts: 1251; Member since: Dec 03, 2014

But but but, that is impossible...........

5. Wiencon

Posts: 2278; Member since: Aug 06, 2014

Did you even watch the video? He can only see the home screen but can do absolutely nothing from there. Similar "exploits" where done in the past and you still can't do squat using them And there is no absolutely unhackable software

6. VZWuser76

Posts: 4974; Member since: Mar 04, 2010

The is the whole point many are making. You've got people like piyath below who every time something similar happens on Android, they make it out like it's just the way Android is. Now that it happens to Apple, all software can be hacked and it no big deal. Rather than keep lobbing insults back and forth, why don't both sides just enjoy what they have. It's like a grade school playground in here.

8. xondk

Posts: 1904; Member since: Mar 25, 2014

Exactly, though add that this is...buffer overflow, probably one of the easiest things to avoid, but limiting stuff correctly, I have to wonder what else can be missed when this can. That said I'm sure it will be fixed fast, and that some dev is kicking himself, but even so.

3. piyath

Posts: 2445; Member since: Mar 23, 2012

This will be patched very soon by Apple...

4. Darkkracker

Posts: 255; Member since: Jun 11, 2016

Hope so

7. steodoreben

Posts: 379; Member since: Sep 26, 2013

LOL. Researchers from Vulnerability Lab were not alone. NSA is always there.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.