WingNews logo WingNews
top | item 46937518

(no title)

samename | 21 days ago

How many times do you unlock your phone a day? For some people it’s over 100+ times a day Face ID is convenient, useful and secure. The alternative? People will use short numeric passcodes that are easy to bypass with devices like Cellulite.

Instead, we should push for laws and protections around our private devices. The 4th Amendment actually protects our personal effects and imo this biometric loophole is illegal.

As the other commenter pointed out, in the meantime, practice how to quickly lock your phone - and better yet, when in dangerous situations, leave it behind or turn it off.

discuss

order

willio58|21 days ago

Does anyone know how devices like Cellebrite work? Like high level I assume it taps the numbers and has some algorithm that prioritizes common passcode patterns.

But how does it not get locked out the same way we do when we fail our passcode 5+ times in a row? Is it just super easy to get around that exponential lock-out for iOS?

snailmailman|21 days ago

It is not super easy to get around that tech. It used to be easier a long time ago. Apple patches the methods every time they can, and have made hardware adjustments in attempt to make it as hard as possible. A lot of these methods involve tricking the counter so it doesnt increment at all, or somehow rolling it back. If the phone isnt set to wipe after 10 attempts, tricking the timer that time has passed would be enough.

Im not sure if anyone other than Cellebrite knows the exact details of what they are doing. (If they can even unlock latest iPhones that are properly secured. I’m seeing a recent article that implies recently unlocked iPhones had biometrics enabled) I wouldn’t be surprised if their techniques involved disassembling the phone, and tampering with every connection of the chips involved, or depowering them in weird ways as they are counting attempts, or even desoldering and transferring the chips to other boards. I suspect that if apple knew and could patch the method, they would.

It’s impressive that it is so hard to get into iPhones imo. People use 6 digit passcodes to lock their entire digital life. That would be considered horrendously insecure for anything that isn’t an iPhone. You can (and should) increase it to a full password. But a lot of people don’t.