How is a non-jailbroken iOS device hacked into?

dennysanders · Feb 25, 2016

So, quite often I'll hear of people talking about their iOS devices being hacked. They say things like somebody is remotely accessing their iPhone, changing things around and making calls, texts or browsing websites in safari, etc. I've always just assumed they're full of crap and they're just the type of person who's got all these conspiracy theories. Is there any validity to these types of statements? If yes, how is somebody able to remotely access another user's device?

Suckfest 9001 · Feb 25, 2016

I would imagine those people aren't very tech-savvy because it's not possible to "hack" an unjailbroken iPhone in those ways. The software is just too sandboxed. They're either lying or trying to cover up sketchy browser history to their spouses by blaming it on hax

dennysanders · Feb 25, 2016

Suckfest 9001 said:
I would imagine those people aren't very tech-savvy because it's not possible to "hack" an unjailbroken iPhone in those ways.

yeah, that was my assumption as well

I7guy · Feb 25, 2016

You can hack via iCloud that is not secured by 2FA or unsecured iPhones. But there haven't been any/many reports of widespread zero day iOS attacks.

dennysanders · Feb 25, 2016

I7guy said:
You can hack via iCloud that is not secured by 2FA or unsecured iPhones.

how?

I7guy · Feb 25, 2016

dennysanders said:
how?

An unsecured phone that is not in your possession is a no brained. Without 2fa someone could guess your password, look at your iCloud documents, put your phone in lost mode etc..

cynics · Feb 25, 2016

There are two extremes that are equally silly. The group that thinks it's impossible to hack iOS and the group that thinks every little thing is a "hack". Usually people that think their phone is hacked is just a bug or they fell victim to a phishing scheme.

However anything is possible depending on what you are trying to accomplish.

Let's keep in mind iOS needs about 7-10 exploits to accomplish a jailbreak. So essentially a jailbreak itself is a hack, and we are pretty much there as of iOS 9.3 so it's very naive of someone to totally dismiss the idea of iOS being "hacked".

dennysanders · Feb 25, 2016

I7guy said:
An unsecured phone that is not in your possession is a no brained. Without 2fa someone could guess your password, look at your iCloud documents, put your phone in lost mode etc..

i understand if they know your password they can do things with iCloud. but other than making your device play a sound, how can someone remotely access a device, open things up, make calls, etc...?
[doublepost=1456430756][/doublepost]

cynics said:
it's very naive of someone to totally dismiss the idea of iOS being "hacked".

i'm not saying it's impossible. i know there has to be ways to do it but nobody can ever give me an answer as to HOW it's done. that's all i'm really curious about.

Zirel · Feb 25, 2016

dennysanders said:
So, quite often I'll hear of people talking about their iOS devices being hacked. They say things like somebody is remotely accessing their iPhone, changing things around and making calls, texts or browsing websites in safari, etc. I've always just assumed they're full of crap and they're just the type of person who's got all these conspiracy theories. Is there any validity to these types of statements? If yes, how is somebody able to remotely access another user's device?

No, there's no validity in those comments. There is no known way to hack into iOS (at least 9.2.1) remotely or with the device in hand.

You can steal a user's password through various methods (make a phone call, say you are Apple, and ask, people that share passwords between various accounts, etc.). But that's not "hacking iOS" or "hacking iPhone", or "hacking iCloud".

cynics said:
The group that thinks it's impossible to hack iOS and the group that thinks every little thing is a "hack"

It may be possible, but there is no public knowledge on how to do that currently.

kaielement · Feb 25, 2016

I have seen people think there iOS device was hacked when they notice say safari showing things in the history that they claim they never went on with that device. Most of the time it's just iCloud syncing across their devices and they are not tech savvy enough to know it. They don't even know how to turn that off or on. Most of the time these are the same people who are convinced that Apple is spying on them lol.

dannyyankou · Feb 25, 2016

Well jailbreaking is hacking in the first place...

cynics · Feb 25, 2016

Zirel said:
It may be possible, but there is no public knowledge on how to do that currently.

It wouldn't be a "hack" if it was public knowledge...

Elisha · Feb 25, 2016

If it is man-made it is hackable. Nothing us unhackable. It's whether or not you want to spend time and resources to accomplish it!

Jessica Lares · Feb 25, 2016

The reason they built the third-party keyboard API the way they did, with the limitations, is because that would be the easiest way to do lots and lots of damage. You'd get their passcode, their credit card numbers, their name, address, lots of logins, be able to identify to what services they were tied to based on searches/language used (like hashtags for Twitter), and other stuff. And you can't just have it not do server based stuff to begin with because then that loses the whole benefit of stuff like Swype and SwiftKey who would then have to have you update a database every month.

Around here you always have people complaining about that "bug" where you get redirected to Safari and the App Store from an ad or whatever. Some people don't make that connection, and some don't understand the difference between simulated text/phone conversations and real ones either.

Zirel · Feb 25, 2016

cynics said:
It wouldn't be a "hack" if it was public knowledge...

Why not?

steve62388 · Feb 25, 2016

In the case of your friends claims I would say they are wide of the mark, but...

There is a reason the NSA has remained quiet and not requested a back door into iOS during the current brouhaha. Dum dum daah [sinister music].

pika2000 · Feb 26, 2016

I think the term "hack" has been widely used that it covers a wide array of methods.
1. Brute force. Eg. guessing a password by typing every single possible combination
2. Software exploit. Eg. exploiting a known bug in the software itself
3. Social engineering. Eg. user facing, guessing one's password to be his/her dog's name.
4. Not a hack at all. Eg. a user's kid make a phone call without the user's knowledge, or disclaiming one's actual action as a hack.

One would be surprised how many lay people's definition of a "hack" is no 4.

cynics · Feb 26, 2016

Zirel said:
Why not?

I hate the term hack/hacker, it seems so corny to me. Also I feel the definition is subjective.

Despite that, a hack (verb) is the process performed by someone of a higher skill set then the public, a software engineer/programmer...a hacker.

Copying or using software written by that person is not hacking nor does it make the person doing it a hacker. You are just exploiting a security hole/bug that was established by a hack (the process).

Obviously there are a lot of gray areas and I know everyone that opens terminal considers themselves a hacker however I don't feel that's the case..

Search

Search

How is a non-jailbroken iOS device hacked into?

dennysanders

macrumors 6502

Suckfest 9001

Suspended

dennysanders

macrumors 6502

I7guy

macrumors Nehalem

dennysanders

macrumors 6502

I7guy

macrumors Nehalem

cynics

macrumors G4

dennysanders

macrumors 6502

Zirel

Suspended

kaielement

macrumors 65816

dannyyankou

macrumors G5

cynics

macrumors G4

Elisha

macrumors 6502a

Jessica Lares

macrumors G3

Zirel

Suspended

steve62388

macrumors 68040

pika2000

Suspended

cynics

macrumors G4

Our Staff