Apple iOS bug identified and fixed
IT security researcher Hemanth Joseph from Kerala has identified a bug in the latest Apple operating system iOS 10.1, that allowed him to bypass the activation lock on an iPad.
The activation lock in Apple’s iPhone is pretty difficult for someone other than owner of the device to hack and set up as a new device.
Joseph bypassed activation lock in a securely locked iPad by discovering a weakness in the device setup process running iOS 10.1 according a report in Forbes.
Joseph was prompted to select a Wi-Fi network, and he chose “other network” and selected WPA2- enterprise as the type of network to connect to which gave three input field to fill in including name, Username and password. Upon testing he discovered that there are no character restriction in those fields as he typed thousands of characters that iOS can’t handle, expecting that it would cause the software to crash. This caused the iPad to freeze and then he locked it by closing Apple’s magnetic Smart Cover over the screen. After re-opening the cover, the device was at the same screen, but after few seconds, it defaulted to iOS home screen.
This realisation means that Joseph successfully bypassed the activation lock and to have full access to the iPad. The bug reported last month as fixed in an IOS update. Joseph’s firm Slash Secure, is one of the leading Information security researchers in the world. Joseph is Founder of India’s first open security community for students at www.0SecCon.com.
Joseph has also been listed in Google’s Hall of fame and received a bounty of $7500 for reporting critical vulnerability in Google Cloud Platform.