On Friday, security researcher Matthew Hickey discovered a way to bypass the iPhone’s security measures, even if it’s running the latest version of Apple’s mobile platform.
Specifically, Hickey said sending passcodes en masse over Lightning to a locked iPhone or iPad triggers an interrupt request that takes precedence over other device operations. In such a scenario, a hacker would key in all possible passcode combinations enumerated from 0000 to 9999, or 000000 to 999999 in the case of a six-digit code, as one consecutive string without spaces.
Using this purported method, Hickey said, a nefarious user would be able to bypass Apple’s Secure Enclave safeguards, including the delays enforced between incorrect passcode inputs and the option to completely wipe stored device data after ten consecutive failed attempts.
Hickey said he had already reported the vulnerability to Apple, noting that the bug isn’t difficult to identify and that other people had probably found it before he did.
However, an Apple spokesperson countered these claims, stating simply, “The recent report about a passcode bypass on iPhone was in error, and a result of incorrect testing.”
Apple will soon debut another security feature, called USB Restricted Mode, that will cut off an iPhone’s ability to connect to a USB accessory plugged into it after an hour. Since it takes much more than an hour to send a device every possible passcode combination, the new feature could prevent hackers and cracking devices from force-unlocking iPhones.