Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

They can sign their own alternate ramdisks, and the default PIN is only 4 digits, so that's not surprising really. It's been possible to load similar forensic software on A4 devices by anybody for years now.


I hope for security sake, the users on here do not use 4 digit pins...or at least have the wipe feature enabled after x failed attempts.


The wipe after 10 attempts is moot anyway, we are talking about Apple loading new software into a ramdisk and brute forcing it. I've personally done this at an owners request.


Presumably not on a post-iPad2/iPhone4S, or without access to a previously-paired computer, right?


A normal user could do it on any device with the A4 chip or prior, vulnerable to the limera1n exploit. Apple could do it with any device, as they own the signing keys for the bootloader.

There's even pre-built forensic ramdisks if you'd like to have a play around — https://code.google.com/p/iphone-dataprotection/

I'm willing to bet that there's at least one private bootrom exploit, one of the jailbreak developers has hinted that he has found one.


It's generally a requirement for most corporate profiles to use a alphanumeric pin.

It's also pretty much considered the most annoying thing about those corporate profiles.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: