A security research on his twitter account has revealed about a bug on iOS devices on Friday and showed in the video that the system allows bypassing the passcode when applying brute force attack. Apple called for finding an error status after the video was released.
Matthew Hickey, Co-founder of Hacker House, a cyber-security firm, posted a video on his Twitter account where he demonstrated a method that allowed him to put ‘n’ number of passcodes even on the 11.3 iOS latest version. Under tested circumstances, after 10 wrong tries, the device is designed to delete all its content.
However, as found by Hickey, when an iPad or iPhone was plugged in, any input from keyword can trigger a risk and disable the interrupt request. This, as per the expert, stated as that sending a couple of passcodes in one go can bypass the erase feature of new iOS devices.
Michele Wyman, spokesperson of Apple, pleaded the claim of the researcher on Saturday. She said, “The recent test report about the passcode bypass error in iPhone is in error stage, as an outcome of incorrect testing.”
Though, there is no information shared by the company that why the demonstration was having an error, Hickey himself later tweeted that he realized that not all passcodes which are tested were sent to the device.
He went on further explaining the things by saying that when he cross-checked his progress and discovered that at the time of sending a string of passcodes, he is sending more than 20 sets of a pin but in actuality, it is only taking 4–5 sets of pin for checking. However, this method can allow increased security of the device and protect the devices from brute force attacks.
However, the researcher claim that the system is buggy, but the company has successfully denied the claim and the expert approved its denial after double-checking his testing method.