Indian student finds way to bypass Apple's high security activation lock
03 Dec 2016
Hemanth Joseph, an engineering student, has found a way to defeat Apple's high security activation lock, which allows the owner to prevent others from using the iPhone, iPad, iPod Touch or Apple Watch once it was stolen or lost, The Times of India reported.
"I found out a way to bypass the lock screen when somebody tries to open any of devices, locked by the owner using 'Find iPhone' app," said Joseph, a final-year mechanical engineering student at Amal Jyothi College of Engineering, Kanjirappally, Times of India reported.
It started when Joseph bought a used iPad from eBay for his friend, which they found, was locked by the previous owner. However, they played around with the 'bricked' tablet, and found that it did not have a character limit for input fields for the verification before connecting to the 'another Wi-Fi network' option. "We can enter as many characters as we like to that field. Perfect for creating an OverFlow," he wrote in his blog.
Joseph exploited a weakness in the iOS device setup process and then tested it on the locked iPad he purchased online.
When asked to choose a WiFi network, he chose 'other network' and then filled its name and a WPA2-enterprise key fields with thousands of characters. He figured out enough data in those fields would cause the device to freeze, and that was what happened Forbes reported.
He the began to find a way to make the setup process fail and drop him on the home screen.
When he pressed the sleep / wake it merely restarted the wizard, however, with a little help from the magnetic catch in Apple's Smart Cover and some practice to perfect the timing, Joseph succeeded.
He then uploaded a video of the unlocking process to Google Drive, the report said.