Indian researcher finds bug in iPhone, iPad activation lock


An Indian security researcher has discovered a bug that could allow someone to bypass Apple’s activation lock in its iOS 10.1 version, according to a media report today.

Hemanth Joseph, who works out of Kerala, exploited a weakness in the iOS device setup process. He then tested it on a locked iPad he purchased online.

When asked to choose a WiFi network, he simply chose ‘other network’ and then proceeded to fill its name and a WPA2-enterprise key in with thousands of characters. His thought was that enough data in those fields would cause the device to freeze, and he was right, the Forbes reported.

After figuring out how to freeze the iPad, he began to work on a way to make the setup process fail and drop him on the home screen.

Pressing the sleep/wake button merely restarted the wizard, but with a little help from the magnetic catch in Apple’s Smart Cover and some practice to perfect the timing, Joseph succeeded. He demonstrated the bypass in a video uploaded to Google Drive, the report said.

After figuring out how to freeze the iPad, he began to work on a way to make the setup process fail and drop him on the home screen.

The bug discovered by Joseph was reportedly fixed in an iOS update last month.

 

(source: CatchNews)

Have Something to Say? Comment on Facebook

Leave a Response