Law enforcement tools can bypass the iPhone passcode in under two minutes
Summary: Tool can also be used to crack Android handsets.
Do you have a passcode set on your iPhone? Does it give you a warm fuzzy feeling that your data is securely locked away from prying eyes? Think again.
Technology available to law enforcement officials by Swedish firm Micro Systemation can be used by to hack into the handset and bypass the four-digit passcode in less than two minutes.
Here's a video of the tool, called XRY, in action against a passcode-protected iPhone 4:
Note: iPhone 4S and iPad 2/3 are not supported.
XRY works by first jailbreaking the handset. According to Micro Systemation, no 'backdoors' created by Apple used, but instead it makes use of security flaws in the operating system the same way that regular jailbreakers do.
Once the iPhone has been jailbroken, the tool then goes on to 'brute-force' the passcode, trying every possible four digit combination until the correct password has been found. Given the limited number of possible combinations for a four-digit passcode -- 10,000, ranging from 0000 to 9999 -- this doesn't take long.
Once the handset has been jailbroken and the passcode guessed, all the data on the handset, including call logs, messages, contacts, GPS data and even keystrokes, can be accessed and examined.
Since this tool relies on brute-forcing the passcode, the makers acknowledge that you can make the handset harder to crack by choosing to use a more complex passcode than the four digit code used as default.
Feeling smug because you're using an Android handset as opposed to an iOS device? I hate to be the bearer of bad news but the XRY can also crack locked Android handsets, too.
More videos by Micro Systemation are available here.
Related:
- The iPad's missing feature: multitasking
- Why the new iPad battery meter is behaving just as it should
- Most used apps on the iPad 3 (gallery)
- Oops! New iPad drop test
- New iPad accounts for 6 percent of iPad traffic
- Why Apple doesn’t need to innovate much to stay ahead of the competition
- New iPad’s most revolutionary feature is its battery
- Why Apple’s iPad rebranding makes sense
- iOS 5.1 available for download
- New iPad is bad news for Android tablets
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
They kill me trying to lump Android in with everything...
So, what you are saying is that
Well
I saw the same thing
This is just more evidence that we all - regardless of whether you think you NEED it - should be encrypting our data. Heck, data encryption should be a standard user-selectable option on ALL phones.
I have an answer for you.
Less susceptible to machines, but (usually) more susceptible to humans
Just because...
kinda late...
Thank the heavens
As to preventing legal authorities from seeing your data being scary, that's only for criminals and paranoid individuals - it's the price you pay for living in a modern society.
really?
Thank post 9/11
Thanks to a Democratic President we now have Presidents who can assassinate American Citizens at will.
And thanks to recent Congressional Republicans and the Defense Re-authorization act of 2012, Presidents have the authority to arrest and detain American Citizens without cause, indefinitely, without trial or access to counsel, in places like Guantanamo.
Of course people like tonymcs are enablers, who believe these things are necessary for a modern society.
The USA is becoming more autocratic every year. Time to contemplate moving to Canada.
Exactly
I would think that the more modern the society, the [i]less[/i] able the government and big corporations -- two heads of the same hydra, increasingly -- would be to be able to access my private information because technology should be evermore empowering of the individual.
Are you paranoid enough?
Oh?
Ummm no it's called a right to privacy. If there is a warrant involved that is one thing but otherwise my data is mine. If I'm pulled over for a traffic violation or hit a driver checkpoint then they have no more right to check my phone as they do to check my car.
Actually, you could be wrong on one point.
I'll tell you what's scary...
While I'm not of the tin foil hat crowd, it's exactly this type of thinking that allows government to become Big Brother if they so choose.
The days of calling people tin foil hat wearers are over
In fact it is those persons who are still living in denial that anything is wrong who are the tin foil hat kooks. That???s because they still believe in the fairytale land of the United States Of America in which freedom and the pursuit of happiness are rights guaranteed and protected by a representative republic. What we have today is smashup of Corporatocracy and Fascism where the representatives work for big business and special interest and NOT those they are supposed to represent.
Just a reminder of what you government has been doing while you watched ???The Game??? or your favorite TV show. These are also all acts that were not properly covered by mainstream media because they were spending the majority of the time reporting on who was sleeping with who in Hollywood; the kind of information that???s most important.
SUPREME COURT rules Corporations are people granting corporations new rights .
Courts rule it???s OK for Law Enforcement to invade your private property with a warrant or justifiable cause.,
Court Rules police can take data from your phone without a warrant including the act of hacking your phone with brute force methods if it should happen to be secured.
Government Passes Healthcare Mandate the first attempt in our nation???s history by government to force citizens at the end of a gun if necessary to engage in a particular commerce whether they want to or not. In other words to force you to buy something whether you want to or not.
NDAA of 2012 includes sections that authorize the indefinite detention of legal US Citizens and the government has no burden of proof. This IS the first step to quelling political dissidents and anyone who can???t see it is either lying or a fool.
National Defense Resources Preparedness Executive Order ??? Grants martial law like power during peace time. AT this point how the Hell can anyone still think nothing is wrong and or not be troubled by what government is doing? It???s as clear as glass that the Feds are preparing for a war against the people to transform or Representative Republic into an effecti8ve police state
Older Events often unmentioned in mews media (I wonder why):
REX84 (Readiness Exercise 1984) ??? a exercise to train military personnel to occupy the streets of America and practice disarming American citizens.
2012 Presidential Campaign ??? Across the board effort to prevent Ron Paul from wining the Republican Primary. Have you noticed how they???ve stopped repeating ???Ron Paul can???t Win??? since Rommny appears to have a safe enough lead now that he???s unlikely to not win at the convention? Have you ever asked yourself why the Democrats and their friends in the mainstream media were also trying to convince people that Ron Paul was not electable? Why would the Democrats care? IN fact if Ron Paul was truly unelectable then it would be to the Democratic party???s benefit to help Ron Paul win the Republican primary so that their man Obama would then have an easy opponent to beat. But that???s not how its played out and everyone should be asking why? The logical best strategy for the Democrats would be to endorse and help Ron Paul win the Republican primary and yet they too tried to convince all that Paul was not a good choice. WHY would they help the Republicans keep Ron Paul from gaining any kind of lead? It just does NOT make sense.
days of labeling over
Maybe, but they're still wearing the tinfoil hats, so it doesn't change a thing.
A 4 digit passcode can be cracked by hand in a matter of days.
Permutations
@Natanael_l and bart001fr....Thanks guys. Now you've forced me to get off my dead....keyboard and look it up.