The myth that Apple devices are invincible to hacking is slowly starting to fade away to reality. And the reality is that Apple, just like every other tech giant, can’t keep up with the “dark side” of technology.
It’s now officially known that there’s another bug that can allow unauthorized access to iPhones and iPads, via a simple technique. This bug could allow a third party to bypass Apple’s iOS Activation Lock feature on devices running iOS 10.
How Apple’s iOS Activation Lock Feature Can Be Easily Bypassed
This could happen via the Find My iPhone service that helps users activate Lost Mode on their iOS devices in case they were stolen. However, a person with the appropriate knowledge to bypass the Activation Lock feature could easily exploit the service.
Once a locked device is started, users are prompted to connect to a Wi-Fi network. However, if the user selects “Other Network” and enters a very long string of characters in the username and password fields, that can crash the operating system. This is how the device’s homescreen is exposed.
And that’s not the only way to crash Apple’s mobile OS and bypass the Activation Lock. Another option is to close and open the smart case of an iPad repeatedly. A crash will be triggered, and the person would be granted access to the homescreen.
This flaw may have been patched timely by Apply (in iOS 10.1.1) but it just reveals that the issue wasn’t addressed completely. Researchers at Vulnerability Lab analyzed the issue and discovered that it could easily be repeated in iOS 10.1.1. The OS can also be crashed via the screen rotation feature and Night Shift mode. This would make the device exposed for about a second but the time can be prolonged by shiftly pressing the power button.
It’s still not known if the issue can be exploited in the latest iOS 10.2.