iPhone Passwords Vulnerable to Hackers Using Inexpensive Hardware Components

The bypass rig unlocks the smartphone by cloning its memory

iPhone Passwords Vulnerable to Hackers Using Inexpensive Hardware Components
Image: Pixabay
September 19, 2016

A University of Cambridge computer scientist has discovered a way to hack a multi-digit iPhone passcode using just a few inexpensive pieces of hardware.

TechRadar reports that Dr. Sergei Skorobogatov has constructed a bypass rig able to unlock iPhones by simply cloning their memory.

Dr. Skorobogatov first determined how the main memory storage element in the iPhone 5C, known as a Nand chip, communicated with the rest of the phone. Once he figured that out, he was then able to construct an external chip board on which he could create clones of the Nand chip. In effect, this means that PIN access attempts will be reset every time a cloned chip replaces the last chip used.

He chose to focus his attempts on the iPhone 5C model because it had been the main focus of an FBI terrorism investigation. In December 2015, Syed Rizwan Farook and Tashfeen Malik shot and killed 14 people in California before being shot and killed themselves by law enforcement officers. They had an iPhone 5C that the FBI believed contained information about other terrorist cells, but iPhone manufacturer Apple refused to unlock the device.

This refusal forced the agency to pay $1 million to security contractors to break the passcode. Dr. Skorobogatov believed that it could have been done far more cheaply and proceeded to do so using the $100 kit he built himself, in the process disproving FBI Director James Comey's belief that such systems would not work.

Relatively speaking, Dr. Skorobogatov's process took little time. It took him roughly 40 hours to crack a four-digit code, and a six-digit one could take hundreds of hours. However, it is feasible that the FBI's resources could make unlocking the device much faster through a large-scale application of Dr. Skorobogatov's technique.

Dr. Skorobogatov has suggested that newer iPhone models may be just as vulnerable as the 5C, though he was not sure what security systems were in place on the very latest models, the iPhone 7 and 7 Plus.