At the end of last week, information security specialist Matthew Hickey announced the possibility of hacking Apple’s smartphones running iOS 11 through a full search of passwords. Hickey recorded a video that demonstrates the process of sorting code combinations of symbols – this is done by connecting via the Lightning cable.
In the mobile Apple OS, various types of protection against unauthorized hacking are used. In particular, the user can configure the system so that after 10 attempts to enter incorrect data all information on the mobile phone is erased. Either the smartphone may not respond to entering passwords for a given time.
Apple iOS “Erase data” UI glitch from Hacker Fantastic on Vimeo.
As Hickey claimed, with a wired connection to an Apple smartphone, you can send a huge number of passwords at once. Allegedly the system perceived such packages as single input attempts, loading them into Secure Enclave, from where it checked in turn.
The American corporation reacted quickly to the statements of the expert, stating (without details) that the chosen algorithm does not work and the testing was wrong. A little later it was confirmed by Hickey. He explained that in fact the system did not check all the passwords sent to it, ignoring the “lightning” input.