A CAMBRIDGE-BASED insecurity researcher has found that it is possible with time and patience to bypass the iPhone passcode system and access a person's personals.
Sergei Skorobogatov has published a short paper on his efforts, claiming that it is possible to take control of an iPhone by unsoldering a NAND Flash chip, spoofing the passcode retry counter and presumably clearing a bit of desk space.
This is no drive-by attack and is quite involved. If you were unlocking iPhones for nefarious purposes, for example, bulk stolen resale, it would probably come into its own. If you are just into it for the giggles the good news is that it doesn't cost much to carry out and yields results.
"This was achieved by unsoldering the NAND Flash chip of a sample phone in order to physically access its connection to the SoC, and partially reverse engineering its proprietary bus protocol," wrote Skorobogatov.
"The process does not require any expensive and sophisticated equipment. All needed parts are low cost and were obtained from local electronics distributors. By using the described and successful hardware mirroring process it was possible to bypass the limit on passcode retry attempts."
Skorobogatov explained that this is the first public demonstration of the working prototype and the hardware mirroring process for an iPhone 5C. He admitted that the process could be improved, but said that it is still a successful proof-of-concept.
"Knowledge of the possibility of mirroring will definitely help in designing systems with better protection. Also some reliability issues related to the NAND memory allocation in iPhone 5C are revealed," he said.
"Some future research directions are outlined in this paper and several possible countermeasures are suggested. We show that claims that iPhone 5C NAND mirroring was unfeasible were ill-advised."
Skorobogatov's technique could be applied the next time a US security agency or law enforcement officer wants to know what secrets lurk behind an iPhone's protected screen. µ
We doubt Big Blue would take payments in voucher form
But the service still has 130 million members, so it's not exactly in trouble
Zhang could be jailed for up to 10 years if found guilty
America seethes as offers are replaced by error pages. With dogs