Skip to main content

You can hack almost any iPhone with just $100 worth of electronics

ios 11
Jessica Lee Star/Digital Trends
The FBI made headlines when it paid security contractors an estimated $1.3 million to unlock an iPhone 5C last year, but as it turns out, bypassing the security on Apple’s top-of-the-line headset doesn’t necessarily require a truckload of money — or the expertise of one of the world’s largest law enforcement agencies. A U.K.-based computer scientist demonstrated an exploit that requires no more than $100 worth of off-the-shelf equipment… and plenty of patience.

In a YouTube video posted Monday morning, Cambridge University’s Dr. Sergei Skorobogatov, a Russian senior research associate, said he’d successfully designed a hardware backdoor that allows any user to bypass the iPhone’s PIN security. Normally, iOS limits the number of incorrect PIN entries to six before locking for incrementally longer periods of time, but Skorobogatov’s solution allows a theoretically unlimited number of attempts. “I can repeat the process many many times until the passcode is found,” he said.

Related Videos

The exploit leverages vulnerabilities within the iPhone’s Nand, the chip responsible for the phone’s internal storage. Dr. Skorobogatov modified a target iPhone to accept chips from an external motherboard. He then detached the old Nand module, used off-the-shelf hardware components to digitally mirror the files it contained, and copied the resulting “clone” to a fresh chip. The iPhone couldn’t tell the difference — and after Skorobogatov seated and rewired the new chip in the phone’s board, the PIN attempt attempt counter reset to zero.

From that point, guessing the PIN is a trivial, albeit arduous, process. Dr. Skorobogatov said that a four-digit PIN took about 40 hours, and that a six-digit pin could potentially take hundreds of hours.

It’s not a holistic exploit. Dr. Skorobogatov said that iPhones newer than the iPhone 6 Plus would require a “more sophisticated” set-up — newer methods of encryption could make it “more challenging to analyse and copy,” he said. And Dr. Skorobagatov said that in fringe cases, the process could require “an advanced team of researchers” to undertake successfully. But other iOS devices are likely vulnerable. “iPads use very similar hardware, hence models which are based on A6 SoC or previous generations should be possible to attack,” Dr. Skorobogatov said. “Newer versions will require further testing.”

Dr. Skorobogatov’s work seems to contradict statements made by FBI Director James Comey. In March, he told press that Nand vulnerabilities “[wouldn’t] work” on the iPhone 5C the bureau was targeting.

But it’s not the first time the veracity of the FBI’s claim has come into question. In May, the Los Angeles Police Department managed to break into a locked iPhone 5S. And the Indian government claims it has a mobile forensics tool that can “[handle] smartphones including Apple phones.”

The FBI’s analysis of an iPhone 5C owned by Syed Farook, one of two shooters who perpetrated an attack in San Bernardino, California that left 14 people dead, made global headlines when the agency mounted legal action against Apple. It sought a court order requiring the Cupertino company to create a tool to bypass the iPhone 5C’s PIN protection.

Apple argued that such a backdoor would pose an omnipresent threat to the “privacy” and “security” of its customers — a sentiment echoed by hundreds of tech companies, privacy advocates, and human rights groups, as well as legal, tech, cryptology, and cybersecurity experts.

The FBI dropped its case after a team of anonymous hackers demonstrated a successful bypass of the phone’s security, but not before publicly condemning encryption technologies like those employed on Apple’s iOS devices. “[It’s the] essential tradecraft” of terrorists like the Islamic State, Comey told Reuters in July. He singled out WhatsApp, a messaging platform that enabled secured messaging and calling by default, as a platform “affecting the criminal work (of the FBI) in huge ways.”

In September, a group of publishers including the Associated Press, Vice Media, and Gannett Media, filed a freedom of information lawsuit against the FBI for failing to disclose the vulnerability — and consultants — it used in bypassing the iPhone 5C’s security. The case is currently pending before a circuit court judge.

Editors' Recommendations

The one thing the iPhone 14, Galaxy S23, and Pixel 7 all get wrong
Apple iPhone SE (2020) being plugged in to charge.

At Mobile World Congress (MWC) this year, new smartphones broke cover as one would expect. I won't bore you with all the details; Digital Trends' Joe Maring and Jacob Roach wrote an excellent roundup of all the best MWC 2023 announcements already.

One key quality-of-life-improving feature we picked up on as a theme was charging speed. Apple, Samsung, and Google, the mainstream phone brands by coverage (even if not all by sales), stick to a fast-charging average speed of just over an hour — even with the latest iPhone 14, Galaxy S23, and Pixel 7. By comparison, a phone from Xiaomi, Oppo, or OnePlus can get you moving in 30 minutes or even less. It's time to demand more from our phones.
Fast charging exists — just not for you

Read more
I created the perfect iPhone home screen — and you can too
iPhone 14 Pro with custom home screen icons and widgets

With iOS 14, Apple began to open the floodgates for software customization on the iPhone. For the first time, you could add widgets to the home screen and even change app icons to custom ones without the need for a jailbreak. And iOS 16 gave us some more customization options in the form of the lock screen, although the interface for that is su-par, to say the least.

While I see a lot of people still use a stock grid layout on their home screen, I took some time when iOS 14 first came out to customize my iOS experience. I enjoy that it’s not just a boring grid of stock icons — having custom icons and widgets really mix things up a bit and gives me a more informative home screen.

Read more
Apple, please release the iPhone 14 in these colors next 
Mockup render of the iPhone 14 in an orange color.

You've probably heard the news by now. Earlier this week, Apple released a new yellow color for the iPhone 14 and iPhone 14 Plus -- and it's now up for pre-order. Does it look good? I sure think so! It's a bright, vibrant, and saturated yellow that adds a lot of pop to a mostly muted color palette for the iPhone 14 series.

But as much as I like how the yellow looks, it's not the only color I'd love to see the iPhone come in. There are so many possibilities for future iPhone colors, and if Apple's looking for a few tips on what to do next, I have some suggestions. Here are five colors Apple should release the iPhone 14 in next (hopefully soon).
Dark green

Read more