You can hack almost any iPhone with just $100 worth of electronics

ios 11
Jessica Lee Star/Digital Trends
The FBI made headlines when it paid security contractors an estimated $1.3 million to unlock an iPhone 5C last year, but as it turns out, bypassing the security on Apple’s top-of-the-line headset doesn’t necessarily require a truckload of money — or the expertise of one of the world’s largest law enforcement agencies. A U.K.-based computer scientist demonstrated an exploit that requires no more than $100 worth of off-the-shelf equipment… and plenty of patience.

In a YouTube video posted Monday morning, Cambridge University’s Dr. Sergei Skorobogatov, a Russian senior research associate, said he’d successfully designed a hardware backdoor that allows any user to bypass the iPhone’s PIN security. Normally, iOS limits the number of incorrect PIN entries to six before locking for incrementally longer periods of time, but Skorobogatov’s solution allows a theoretically unlimited number of attempts. “I can repeat the process many many times until the passcode is found,” he said.

The exploit leverages vulnerabilities within the iPhone’s Nand, the chip responsible for the phone’s internal storage. Dr. Skorobogatov modified a target iPhone to accept chips from an external motherboard. He then detached the old Nand module, used off-the-shelf hardware components to digitally mirror the files it contained, and copied the resulting “clone” to a fresh chip. The iPhone couldn’t tell the difference — and after Skorobogatov seated and rewired the new chip in the phone’s board, the PIN attempt attempt counter reset to zero.

From that point, guessing the PIN is a trivial, albeit arduous, process. Dr. Skorobogatov said that a four-digit PIN took about 40 hours, and that a six-digit pin could potentially take hundreds of hours.

It’s not a holistic exploit. Dr. Skorobogatov said that iPhones newer than the iPhone 6 Plus would require a “more sophisticated” set-up — newer methods of encryption could make it “more challenging to analyse and copy,” he said. And Dr. Skorobagatov said that in fringe cases, the process could require “an advanced team of researchers” to undertake successfully. But other iOS devices are likely vulnerable. “iPads use very similar hardware, hence models which are based on A6 SoC or previous generations should be possible to attack,” Dr. Skorobogatov said. “Newer versions will require further testing.”

Dr. Skorobogatov’s work seems to contradict statements made by FBI Director James Comey. In March, he told press that Nand vulnerabilities “[wouldn’t] work” on the iPhone 5C the bureau was targeting.

But it’s not the first time the veracity of the FBI’s claim has come into question. In May, the Los Angeles Police Department managed to break into a locked iPhone 5S. And the Indian government claims it has a mobile forensics tool that can “[handle] smartphones including Apple phones.”

The FBI’s analysis of an iPhone 5C owned by Syed Farook, one of two shooters who perpetrated an attack in San Bernardino, California that left 14 people dead, made global headlines when the agency mounted legal action against Apple. It sought a court order requiring the Cupertino company to create a tool to bypass the iPhone 5C’s PIN protection.

Apple argued that such a backdoor would pose an omnipresent threat to the “privacy” and “security” of its customers — a sentiment echoed by hundreds of tech companies, privacy advocates, and human rights groups, as well as legal, tech, cryptology, and cybersecurity experts.

The FBI dropped its case after a team of anonymous hackers demonstrated a successful bypass of the phone’s security, but not before publicly condemning encryption technologies like those employed on Apple’s iOS devices. “[It’s the] essential tradecraft” of terrorists like the Islamic State, Comey told Reuters in July. He singled out WhatsApp, a messaging platform that enabled secured messaging and calling by default, as a platform “affecting the criminal work (of the FBI) in huge ways.”

In September, a group of publishers including the Associated Press, Vice Media, and Gannett Media, filed a freedom of information lawsuit against the FBI for failing to disclose the vulnerability — and consultants — it used in bypassing the iPhone 5C’s security. The case is currently pending before a circuit court judge.

Product Review

4 Lenses, 40 megapixels, and 400k ISO. Huawei’s P30 Pro is a photography freak

Huawei’s P-series phones place an emphasis on the camera. That’s why the company partnered with Leica on the camera tuning. The latest phone is the Huawei P30 Pro, and it must fill the big shoes of last year’s stunning P20 Pro. Is it…

It’s time to check out the best Apple Watch deals for March 2019

The Apple Watch has surged to prominence in recent years. If you're in the market for an iOS wearable, we've sniffed out the best Apple Watch deals available right now for all three models of this great smartwatch.

Apple Pay will be available at 70 percent of U.S. retail locations this year

Apple Pay is growing rapidly, so we've built a list of all the vendors, retailers, and companies worldwide that plan to support Apple's burgeoning mobile payment platform or already do.

Apple's iOS 12.2 brings support for Apple News Plus and new AirPlay 2 features

After months of betas, the final version of iOS 12 is here to download. The latest OS comes along with tons of new capabilities, from grouped notifications to Siri Shortcuts. Here are all the features you'll find in iOS 12.

Rooting your Android device is risky. Do it right with our handy guide

Wondering whether to root your Android smartphone or stick with stock Android? Perhaps you’ve decided to do it and you just need to know how? Here, you'll find an explanation and a quick guide on how to root Android devices.
Product Review

Compared to the P30 Pro, Huawei may have stripped too much out of the P30 phone

Has Huawei pulled all the best parts out of the P30 Pro to make the P30, its cheaper, smaller sister phone? Yes, but the answer is more complicated than that. Here’s our look at the 6.1-inch P30.

Carbon fiber is making Casio’s new connected G-Shock watches even tougher

Casio, a master of tough watches, has introduced carbon fiber to the construction of several G-Shock models, making them stronger and lighter, and allowing for some interesting design changes too.

Huawei P30 Pro vs. Mate 20 Pro vs. P20 Pro: Which Huawei flagship is best for you?

If you're after a Huawei smartphone, but can't pick between this year's flagship and the previous two, or maybe you're looking to upgrade, we're here to explain what makes the P30 Pro, P20 Pro, and Mate 20 Pro different.

Huawei P30 Pro vs. Huawei P30: Should you go pro or save some dough?

The latest phones from Huawei are seriously powerful, eye-catching devices, but what sets them apart? We take a look at the Huawei P30 Pro and compare it to the Huawei P30 in various categories to uncover the differences.

The 13 best iPhone 7 Plus cases to protect your Apple phone

The iPhone 7 Plus is big and beautiful, but you need to wrap it up if you want to protect it from damage. We’ve rounded up some of the best iPhone 7 Plus cases and covers available. Get some protection or a new style today.

Huawei’s Eyewear smartglasses aim to fuse fashion and tech

At its launch event for the new P30 and P30 Pro smartphones, Huawei surprised us with a pair of smart glasses. Created through a partnership with Gentle Monster, these glasses are designed to be stylish and act like a Bluetooth headset.

Galaxy S8 owners on Sprint start receiving the Android Pie update

Android 9.0 Pie has been released. But is your phone getting Android 9.0 Pie, and if so, when? We've done the hard work and asked every device manufacturer to see when their devices would be getting the update.

Huawei P30 Pro vs. Samsung Galaxy S10 Plus: 2019’s biggest flagships clash

Huawei launched the powerful P30 Pro. It's a beautiful phone with tons of power and some extremely capable cameras. But you could also describe the Galaxy S10 Plus that way — so which is better?

Huawei adds a new, smaller Elegant size to the Huawei Watch GT range

Huawei launched two new versions of the Huawei Watch GT. The first, the Huawei Watch GT Active, comes with two new colors. The Huawei Watch GT Elegant comes with a smaller frame and a more elegant and stylish look.