top | item 46937854

(no title)

It is not super easy to get around that tech. It used to be easier a long time ago. Apple patches the methods every time they can, and have made hardware adjustments in attempt to make it as hard as possible. A lot of these methods involve tricking the counter so it doesnt increment at all, or somehow rolling it back. If the phone isnt set to wipe after 10 attempts, tricking the timer that time has passed would be enough.

Im not sure if anyone other than Cellebrite knows the exact details of what they are doing. (If they can even unlock latest iPhones that are properly secured. I’m seeing a recent article that implies recently unlocked iPhones had biometrics enabled) I wouldn’t be surprised if their techniques involved disassembling the phone, and tampering with every connection of the chips involved, or depowering them in weird ways as they are counting attempts, or even desoldering and transferring the chips to other boards. I suspect that if apple knew and could patch the method, they would.

It’s impressive that it is so hard to get into iPhones imo. People use 6 digit passcodes to lock their entire digital life. That would be considered horrendously insecure for anything that isn’t an iPhone. You can (and should) increase it to a full password. But a lot of people don’t.

discuss

RockRobotRock|21 days ago

>People use 6 digit passcodes to lock their entire digital life. That would be considered horrendously insecure for anything that isn’t an iPhone.

That's not really true, it's just the black box magic that is a TPM. Windows Hello for Business does the same thing.