Apple's Secure iPad Activation Lock Bypassed Via iOS Bug
Apple's activation lock feature for iOS makes it difficult for thieves or anyone other than the owner to unlock an iPhone or an iPad, wipe all the data inside it and essentially repurpose it as a new device. It's difficult, yes, but still possible.
iOS Activation Lock Bug
Two recently discovered bugs could allow someone to circumvent Apple's activation lock security feature. One of the bugs affects iOS 10.1, and the other affects the latest version of Apple's operating system, iOS 10.1.1.
The first of the two bugs was discovered by Hemanth Joseph, a security researcher in India. Joseph bought an unlocked iPad Air running iOS 10.1 on eBay for a friend last month but found out that the device was locked.
Relatively new to iOS, Joseph scoured the internet for ways to unlock the iPad Air, to no avail. He booted up the device again and went through Apple's preliminary setup process until he got to the activation lock screen.
Asked to choose a Wi-Fi network, Joseph tapped "other network." When it came to the name and the WPA2 Enterprise key fields, he filled both with thousands of characters. He kept copying and pasting countless characters into the fields until the device froze. To make sure the device was still responding, Joseph pressed the lock button, which took him back to the Welcome screen.
Joseph then tried to work out how to make the setup process fail on purpose so that he would end up on the home screen. Pressing the sleep/wake button clearly wasn't the right method, since doing so only restarted the setup wizard, but with the help of Apple's Smart Cover and precise timing, Joseph successfully landed on the iPad's home screen. Joseph uploaded the entire process to Google Drive.
The Activation Lock Bug Is Also Present On iOS 10.1.1
The other bug was discovered by Vulnerability Lab, a group of researchers who monitor possible vulnerabilities or exploits in products from popular manufacturers. Like Joseph, the group typed a surfeit of characters into the setup fields and also used the Smart Cover trick.
Both demonstrations show that the home screen appears only for a brief period before disappearing. But Benjamin Kunz-Mejri, founder of Vulnerability Lab, told SecurityWeek that quickly pressing the sleep/wake button maintained access to the iPad's home screen.
The Danger of Bypassing Activation Lock
If Apple's activation lock feature continues to yield to these relatively simple bypass methods, then it's easy to imagine that individuals, even without any hacking experience, could find ways to wipe the device clean and sell it anew. Even more alarming is that a user's personal information becomes more easily accessible. Personal information such as photos, contacts and conversations, among others, may fall into the wrong hands, with disastrous results.
Fortunately, the bug Joseph discovered has reportedly been fixed by Apple via an update last Nov. 16. The second bug remains unfixed, but the impending arrival of iOS 10.2 should iron that out eventually.