Newer Apple devices implement a hardware-based component that’s isolated from the main processor to provide an extra layer of security, it is also used to keeps count of the number of wrong passcodes the user entered and gets slower at responding with each failed attempt.
Hickey explained that when an iPhone or iPad is plugged in, every keyboard input is managed by the device with the highest priority over other processes on the device.
“If you send your brute-force attack in one long string of inputs, it’ll process all of them, and bypass the erase data feature,” he told ZDNet.
If the attacker sends all the passcodes in one single string by enumerating each code from 0000 to 9999 with no spaces, the iOS gives the keyboard input routine priority over the device’s data-erasing feature. This implies that this trick works only after the device is booted up because there are more routines running.
The attack technique devised by Hickey can be effective against devices protected with six-digit passcodes, but it is slow, running about one passcode between three and five seconds each or over a hundred four-digit codes in an hour it would take weeks to unlock the device.
Hickey reported the bug to Apple but still hasn’t received any reply, he also published a video PoC of its attack.
“I suspect others will find it — or have already found it,” Hickey said.
Apple is implementing a new feature dubbed USB Restricted Mode to improve the security of its device, it is going to lock down the iPhone’s data port to avoid unauthorized access, but experts observed that in this way password-cracking tools used by forensics experts will be no more effective.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.