Tiny IP Box Uses Brute Force To Unlock Passcode On iPhone

Ali Salman
Posted Mar 18, 2015
14Shares
Share Tweet Submit

Every time Apple launches an upgrade to its iOS, it gets even more difficult to bypass a passcode lock. However, this tiny box uses brute force to extract the passcode from the device which enables users to access a device without the secure data being harmed.

As quoted by the MDSec, the device is pronounced the IP Box which is currently being used by repairers to bypass the passcode in iPads, iPhones and iPods whenever users forget them. The device has a cost, it comes in $294 which is quite a hefty price compared to the purpose.

The IP Box Tries Every Possible PIN Combination

The special characteristic of this IP Box is that not only can it bypass the passcode but also prevent data from wiping away after 10 failed attempts to lock the device. Every security measure adopted by Apple is hence dodged and the automated wipe mechanism is prevented. It sure looks like a useful too who’s cost will pay over time.

MDSec reports that, “This obviously has huge security implications and naturally it was something we wanted to investigate and validate.”

After the investigation process was complete, MDSec found out the way this IP Box worked, which is quite simple: The IP Box tried every combination possible, until the exact PIN is prompted which according to the math can take up to 111 hours to complete the process. The IP Box is connected directly to the power supply of the iPhone and every time it puts a bad combination, the power supply to iPhone is cut off before it can record a failed attempt.

“We plan to test the same attack on an 8.2 device and will update with our progress. In the mean time, our advice to all is ensure you have a sufficiently complex password applied to your device rather than a PIN,” exclaimed MDSec.

Fortunately enough, the IP Bxes are not so common or wide spread and the other factor contributing is that they cost a fortune compared to the purpose they’re hired for. Thus, they never will be enough to be carried by every stranger so chances are scarce for your device to end up here. Nonetheless, it sure is possible to access a device with a forgotten PIN on iOS 8. You can always put an alphabetical alphanumeric passcode to enhance security of your device.

All eyes on MDSec investigations until the next report comes out. That’s all for now folks, stay with us for more news, reviews and how-to’s. Also remember to share your views in the comments.

Share Tweet Submit