Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Manually bruteforcing PINs is actually not a way to get in here, the phone will wipe the keys that the pin protects after 10 attempts.

I'm not sure what method Snowden has in mind for decrypting this device without going through Apple. It seems like it must be a 0day.



Depending on the device/iOS versions, you're able to bypass the count limits.


The FBI is asking that Apple provide them the ability to bypass the PIN timeout limits.

In modern iphones, those limits are handled by the secure enclave. However on the 5C in question, the limits are done in iOS and can be disabled by flashing a custom version of iOS. That's what the FBI is requesting.


The phone "may" wipe the keys after 10 failed attempts.

That is a configuration option. Can't that be changed by the remote configuration management software?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: