Apple iOS News: New Bug Allows Someone To Bypass iOS 10.1.1 iCloud Activation Lock, Will Apple Fix The iOS Bugs? [Video]By Erwin Castro, UniversityHerald Reporter
Security researchers have recently discovered two different bugs that could allow someone to bypass Apple's activation lock security feature on iPhone and iPad devices. One of the bugs impacts devices running Apple's iOS 10.1 and the other on the latest version of Apple's iOS 10.1.1 software.
According to Forbes, the first of these bugs was found by Hemanth Joseph, a security researcher from Kerala, India. The researcher has exploited a flaw in the iOS device setup process. Joseph made the works on a locked iPad he purchased from US-based auction site eBay.
According to the researcher, when prompted to choose a WiFi network, Joseph simply chose other networks in the network setting and then proceeded to fill its name and a WPA2-enterprise key with thousands of characters. Joseph thought was that entering too many data in those WIFi Setup fields would cause the iOS-powered device to freeze and hang for a while, and Joseph was right it did.
As mentioned earlier by Apple Insider, by using a very long password in the Wi-Fi setup fields on an iCloud locked device, Joseph was able to crash the security layer, and eventually gain him access to the Home screen.
After figuring out how to freeze the iOS devices, Joseph started to work on another area, this time in the preliminary setup process. Joseph booted up the device again and went to several tests. After taking some time and with good timing, Joseph finally succeeded, he cracked the flaw and successfully demonstrated the bypass in a video uploaded to Google Drive.
Fortunately, Apple made a good response on Joseph's Activation Lock bypass with the release of iOS 10.1.1 in October. But this has not stop researchers from digging deep into Apple's devices, finding loopholes and weaknesses on their devices.
Recently, security researchers at Vulnerability Labs have discovered the iOS 10.1.1 bug and were able to recreate the exploit using iOS screen rotation and Night Shift mode. Like Joseph, the security researchers began by overloading the WiFi setup option and then employed the Apple Smart cover.
The team has managed to bypass the iOS 10.1.1 Cloud Activation lock by enabling Night Mode and using the device in Landscape mode. To share their discovery, the team posted a video on Youtube, detailing everything on it
The Apple's iCloud Activation Lock is a security feature developed by Apple to stop thieves or others from gaining access to lost or stolen iOS-powered devices such iPhone, iPad or iPod Touch. This mean that only the original owner will be able to unlock the device after entering right username and Password. The security feature is said to automatically switch on when the device's Find My iPhone feature is enabled.