You can hack almost any iPhone with just $100 worth of electronics

ios 11
Jessica Lee Star/Digital Trends
The FBI made headlines when it paid security contractors an estimated $1.3 million to unlock an iPhone 5C last year, but as it turns out, bypassing the security on Apple’s top-of-the-line headset doesn’t necessarily require a truckload of money — or the expertise of one of the world’s largest law enforcement agencies. A U.K.-based computer scientist demonstrated an exploit that requires no more than $100 worth of off-the-shelf equipment… and plenty of patience.

In a YouTube video posted Monday morning, Cambridge University’s Dr. Sergei Skorobogatov, a Russian senior research associate, said he’d successfully designed a hardware backdoor that allows any user to bypass the iPhone’s PIN security. Normally, iOS limits the number of incorrect PIN entries to six before locking for incrementally longer periods of time, but Skorobogatov’s solution allows a theoretically unlimited number of attempts. “I can repeat the process many many times until the passcode is found,” he said.

The exploit leverages vulnerabilities within the iPhone’s Nand, the chip responsible for the phone’s internal storage. Dr. Skorobogatov modified a target iPhone to accept chips from an external motherboard. He then detached the old Nand module, used off-the-shelf hardware components to digitally mirror the files it contained, and copied the resulting “clone” to a fresh chip. The iPhone couldn’t tell the difference — and after Skorobogatov seated and rewired the new chip in the phone’s board, the PIN attempt attempt counter reset to zero.

From that point, guessing the PIN is a trivial, albeit arduous, process. Dr. Skorobogatov said that a four-digit PIN took about 40 hours, and that a six-digit pin could potentially take hundreds of hours.

It’s not a holistic exploit. Dr. Skorobogatov said that iPhones newer than the iPhone 6 Plus would require a “more sophisticated” set-up — newer methods of encryption could make it “more challenging to analyse and copy,” he said. And Dr. Skorobagatov said that in fringe cases, the process could require “an advanced team of researchers” to undertake successfully. But other iOS devices are likely vulnerable. “iPads use very similar hardware, hence models which are based on A6 SoC or previous generations should be possible to attack,” Dr. Skorobogatov said. “Newer versions will require further testing.”

Dr. Skorobogatov’s work seems to contradict statements made by FBI Director James Comey. In March, he told press that Nand vulnerabilities “[wouldn’t] work” on the iPhone 5C the bureau was targeting.

But it’s not the first time the veracity of the FBI’s claim has come into question. In May, the Los Angeles Police Department managed to break into a locked iPhone 5S. And the Indian government claims it has a mobile forensics tool that can “[handle] smartphones including Apple phones.”

The FBI’s analysis of an iPhone 5C owned by Syed Farook, one of two shooters who perpetrated an attack in San Bernardino, California that left 14 people dead, made global headlines when the agency mounted legal action against Apple. It sought a court order requiring the Cupertino company to create a tool to bypass the iPhone 5C’s PIN protection.

Apple argued that such a backdoor would pose an omnipresent threat to the “privacy” and “security” of its customers — a sentiment echoed by hundreds of tech companies, privacy advocates, and human rights groups, as well as legal, tech, cryptology, and cybersecurity experts.

The FBI dropped its case after a team of anonymous hackers demonstrated a successful bypass of the phone’s security, but not before publicly condemning encryption technologies like those employed on Apple’s iOS devices. “[It’s the] essential tradecraft” of terrorists like the Islamic State, Comey told Reuters in July. He singled out WhatsApp, a messaging platform that enabled secured messaging and calling by default, as a platform “affecting the criminal work (of the FBI) in huge ways.”

In September, a group of publishers including the Associated Press, Vice Media, and Gannett Media, filed a freedom of information lawsuit against the FBI for failing to disclose the vulnerability — and consultants — it used in bypassing the iPhone 5C’s security. The case is currently pending before a circuit court judge.


Apple loses battle to use Intel modems in Germany in latest clash with Qualcomm

Apple is following the Federal Trade Commission's lead and has sued Qualcomm for a massive $1 billion in the U.S., $145 million in China, and also in the U.K., claiming the company charged onerous royalties for its patented tech.

Need more power now? Here's how you can fast charge your iPhone

The new iPhones have almost everything an iOS addict could want -- except for a fast charger. If you need your iPhone powered back up in a hurry, here's everything you need to know to get your iPhone charged up quickly.

New rumors suggest the iPhone 2019 will continue to use Lightning over USB-C

While it's not been long since the last iPhones launched, rumors for the next iPhone are already surfacing. Apple's 2019 flagship could include a variety of upgrades ranging from a new design to enhanced features.

Tight on space? Here’s how to transfer photos from an iPhone to a computer

Never lose any of your cherished selfies or family vacation photos from your iPhone again by learning how to transfer photos from your iPhone to a computer, whether you want to use a cable or wireless transfer.

North Focals smartglasses discount cuts the price by a massive $400

Canadian startup North is hoping smartglasses will be the next big wearable. After announcing its new Focals smartglasses in late 2018, the company opened product showrooms in Brooklyn and Toronto and has made its first shipment.

New Apple patent hints clamshell-style foldable phone may be in the works

Apple has filed a patent for a foldable phone that suggests the company could be following in the footsteps of the likes of Samsung and Huawei. The patent describes a clamshell-style foldable phone with two separate sections.

Exclusive: Take a look at what a next-generation 5G phone will look like

With 5G phones debuting at MWC in mere days, there is discussion about whether they will be clunky bricks that die after a few hours? A reference design from Qualcomm offerrs a glimpse of the future: This is what 5G phones will look like.

Xiaomi Mi 9 will be one of the first phones with monster Snapdragon 855 chip

Xiaomi's next major smartphone release will be the Mi 9, and the company hasn't held back in giving us a good look at the phone, revealing the design, the camera, and a stunning color.

Galaxy Watch Active isn't official yet, but you can see it in Samsung's own app

Samsung may be about to resurrect its Sport line of smartwatches under a new name: The Galaxy Watch Sport Active. Leaks and rumors are building our picture of the device at the moment.

Stop buying old tablets, says Samsung, buy the new Galaxy Tab S5e instead

Samsung has launched the Galaxy Tab S5e -- the E is for Essential -- a reasonably priced tablet that includes many of the features we like from the Tab A 10.5, and the Tab S4. Here's what you need to know.

Bag yourself a bargain with the best budget tablets under $200

The battle for your budget tablet affections is really ramping up. Which tablet, costing less than $200, should be commanding your attention? We take a look at some different options for the budget-conscious.

What is Wi-Fi 6? Here's a look at the next evolution of the wireless standard

We're exploring the new naming convention for wireless standards, how it affects the devices you buy, and what the upcoming Wi-Fi generation is changing for the better.
Home Theater

Samsung accidentally leaks its new Galaxy Buds ahead of launch

It's been all but certain that Samsung would launch a successor to its Gear IconX wireless earbuds soon, but a newly leaked photo and recent FCC certification document seems to indicate that the debut is very close.

Focals succeed where Google Glass fumbled (but do we really need smartglasses?)

It’s been seven years since Google took the wraps off Google Glass. Now, we’re finally getting a modern-day equivalent we want to wear. North’s Focals combine subtle style with an intuitive interface to craft smartglasses you’ll…