Submitted by isahilkumar t3_zy6ba8 in iphone
blkrfl556 t1_j262opr wrote
Reply to comment by brizzodaizzo in Does apple do that ? by isahilkumar
I did answer this… it is possible to brute force the passcode… it’s the same way we do it daily… it’s not just gibberish. There is no ‘master encryption key’ the phone is for a lack of better words ‘hacked’ and all the data can be retrieved. When the devices are brute forced, it basically tries a string of passwords (sometimes taking weeks to months) trying different combos. Every time it tries 2 that aren’t successful, it erases the “failed attempts” from the device meaning every 2 attempts it just starts over as if there were no failed passcodes. If we aren’t dumping the data, you can still brute into the device and unlock it. Just takes time and patience.
Truly_Unending_ t1_j265qeq wrote
How do you get past the 10 failed passcode attempts erasing all data on iPhone feature?
PerpetuallyOffline t1_j2665qy wrote
You have to turn that on manually. Most users never do.
Truly_Unending_ t1_j267nq2 wrote
Yeah but I made that comment assuming he was trying to break into a phone that has it turned on. I always have it turned on on my phone personally.
YangaSF t1_j26lkr8 wrote
If it resets the “two failed attempts” flag, it will never reach a 10th attempt, no?
blkrfl556 t1_j2707mh wrote
We see phones with that all the time. Like I said, it sends a code to the device after 2 attempts and basically tells the computer of the device to erase the attempts, meaning the phone always thinks it’s either the first or second attempt.
Truly_Unending_ t1_j285qqb wrote
Good to know. I hope Apple builds a way to combat this sometime soon.
blkrfl556 t1_j28sw6u wrote
You might. Depending on the case, we don’t lol. But like I said, Apple’s security and encryption is why we dislike working with the phones, but the same reason all of us own one lol. If people knew how easy Android was… everyone would own an iPhone.
brizzodaizzo t1_j2667zm wrote
I believe this option is off by default. The user has to turn it on.
Truly_Unending_ t1_j267oqb wrote
Yeah but I made that comment assuming he was trying to break into a phone that has it turned on. I always have it turned on on my phone personally.
mahnkee t1_j282sxa wrote
You repetitively clone the phone and button mash programmatically. When the timeout is too large, wipe and reclone. Have parallel targets. This is how the Israeli company does it, the contractor the FBI used to crack the San Bernardino shooters’ iPhones.
Truly_Unending_ t1_j285ud5 wrote
Good to know. Hope Apple builds a way to combat this disgusting state sponsored anti privacy tactic very soon.
brizzodaizzo t1_j264kl7 wrote
Guessing that, this, is still the limitation?
blkrfl556 t1_j270ekl wrote
I’ve seen it take a 6 passcode minutes and a 6 passcode take months. It just depends. Sometimes we get lucky with it. All depends on how many attempts it has to make to crack it
brizzodaizzo t1_j271yn7 wrote
What about people that turn on the “erase iPhone after 10 failed passcode attempts” option in settings? Would figure this would make things tough for you guys.
flambic t1_j277xov wrote
There have been bugs in the attempt-counting code, exploitable by GrayKey.
Also, iPhone X & before have a boot ROM bug letting you DFU unsigned payloads, but that doesn't help get the key for flash encryption.
Neither of these techniques seems like something Apple would use.