iPhone passcode lock defeated in 2 minutes (Update: Debunked)

iPhone passcode lock defeated in 2 minutes (Update: Debunked)

Summary: A Swedish developer's claims of defeating the iOS passcode lock in "2 minutes" is only true if the passcode is "0000" and if it doesn't use an A5 or A5X. Carry On.

SHARE:

[UPDATE 2012-0403: The legitimacy of Micro Systemation's claims below have been called into question. A post today on 9to5Mac, supported by prolific jail breaker Will Strafach (a.k.a. @chronic), asserts that Micro Systemation's claims of defeating the iPhone passcode lock in "two-minutes" is only true if a passcode is "0000." Strafach adds that the XRY tool cannot be used on devices using the A5 or A5X chip, including the iPhone 4S, iPad 2, and iPad 3. The video has since been removed from the Micro Systemation website and the company has not replied to requests for comment.]

Think that your iPhone is safe because you've set a four-digit passcode lock?

Think again.

In a video (since removed), Swedish software developer Micro Systemation demonstrates how its XRY 6.2 software and hardware can detect and display an iPhone passcode in under two minutes.

The company sells its wares to clients in law enforcement and the military to access the devices of criminal suspects or military detainees and evaluate their personal information.

After exposing the iPhone's passcode XRY can also dump the its data to a PC, decrypt it, and display information like the user’s GPS location, files, call logs, contacts, messages, even a log of its keystrokes.

In addition to the iPhone, XRY 6.2 also supports the iPad and over 6,600 different mobile device profiles including smartphones, GPS receivers, 3G modems, portable music players and a variety of tablet computers.

On Android, the authorities can sometimes use "reverse smudge engineering" instead of expensive software and hardware tools.

Tip: Forbes

Topics: Mobility, Hardware, iPhone, Smartphones

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

10 comments
Log in or register to join the discussion
  • Obviously, Apple intentionally left the way for iPhone to have external ...

    ... boot. The process of making device booted from external source via cable has nothing to do with whatever "hacking" or "cracking" -- it works every time on perfectly untouched ROM and iOS installation.

    However, Apple was not supposed to leave this back-door -- not at least "officially". They had to do close it, but they will not, because there are some conditions and unannounced agreements between Apple and USA's authorities.
    DDERSSS
    • Huh?

      "In addition to the iPhone, XRY 6.2 also supports the iPad and over 6,600 different mobile device profiles including smartphones, GPS receivers, 3G modems, portable music players and a variety of tablet computers."
      msalzberg
      • Huh?

        This has nothing to do with iPhone. To make iPhone boot via cable from external source, there is sequence of manipulations which has nothing to do with other companies' way to do this.
        DDERSSS
  • Huh?

    So in your conspiracy world, only Apple( <6% worldwide phone sales) allow the gooks to root your phone and the rest of the world has geeks root their phones?
    frogspaw
  • Auto-wipe after 10 failed attempts.

    You can set your iphone to wipe itself out after 10 failed attempts. Does this exploit work around this feature too?
    kraterz
    • Auto wipe is useless

      Yes since ios isn't loaded it is not capable of wiping itself. This workaround essentially loads its own code and then reads the specific locations where information is known to be stored. This is nothing new!
      DrPenner
  • This Video...

    ...has been removed by the user. :-\

    Nevertheless... a good feat.
    Sp4rt4n
  • Huh?

    Odd that you would post a video about iOS devices in a format inaccessible to iOS devices. ;^)
    Kiwiiano
  • Not surprised

    I assume that any consumer grade or even industrial grade smartphone can be broken into with enough "umpf" so this is not a surprise. However, I would like to see the video on how it works.
    phatkat
    • Since you asked

      Here's the video for obtaining the iphone pass code.

      http://www.youtube.com/watch?v=U9koLNAR9SY

      I'm not sure about Android or Blackberry though.
      Kari Kay