Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Apple Says Bug Exploited by $500 Passcode Guessing Box to Crack iPhone 7 is Patched in iOS 11

uroshnor said:
No. It's basically , if you change your password before you have upgraded to iOS 11, plan to not lose your phone in the first few minutes after you change it.
Click to expand...

Yep... the best advice is to be more careful and not lose your phone in the first place.

We shouldn't be worried about the risks outlined in this article though.

The chances of someone finding my phone and having one of these $500 boxes is ridiculously low. :p
 
  • Like
Reactions: eagle_man
Michael Scrip said:
Yep... the best advice is to be more careful and not lose your phone in the first place.

We shouldn't be worried about the risks outlined in this article though.

The chances of someone finding my phone and having one of these $500 boxes is ridiculously low. :p
Click to expand...

AND you losing the phone just after changing the passcode, and that person getting to that box within 10 minutes of you changing the passcode.
 
  • Like
Reactions: RuralJuror, I7guy, t1meless1nf1n1t and 1 other person
Westside guy said:
I wonder if this was an intentional choice by the programming team? I could see someone arguing that "right after changing the passcode, people are going to be more prone to mistakes - so let's not penalize them for the first few minutes".
Click to expand...
Good thinking , I also don't think this was a bug. They just didn't expect someone to exploit it.
 
And yet, we've been selling a device to government agencies which will retrieve the passcode, Keychain passwords, browser history, text messages, contacts, network connections, and much more since 2008 and it still won't be patched in iOS 11.
 
gnasher729 said:
AND you losing the phone just after changing the passcode, and that person getting to that box within 10 minutes of you changing the passcode.
Click to expand...
I'm guessing that this was some sort of convenience backdoor left in by a dev, figuring that it wouldn't matter in the wild anyway. He was right. It doesn't.
 
Markoth said:
I'm guessing that this was some sort of convenience backdoor left in by a dev, figuring that it wouldn't matter in the wild anyway. He was right. It doesn't.
Click to expand...

Right? How absolutely ridiculous is this... It’s more likely that someone sees me enter my passcode because Touch ID wasn’t working then successfully exploiting this cool down period. I agree this was probably put in place as a grace period for people who just changed their passcode, or a leftover from a development stage
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back