Sign up for a new account or log in here:
also @ TechSpot: Nvidia GeForce GTX 780 Review
Swedish security firm, Micro Systemation, has demonstrated how simple it is to defeat lock screen passcode mechanisms on both iPhone OS and Android devices. To do it, the company shows off their own security tool called XRY, a utility used by law enforcement, military personnel and even the FBI for this very purpose.
In the demonstration below, the hack takes less than a couple of minutes from getting set up to completion. The actual cracking itself takes only seconds, but the passcode-breaking mechanism is a brute force attack. The pin used in the demonstration is "0000" which is likely to be the first number guessed, thus giving us the quickest possible result. A code like "9945" may take considerably longer.
The software not only cracks passcode locks, but can also extract data from locked phones. It is able to copy and decrypt GPS location history, call logs, contacts, texts and even keystroke logs.
XRY is based on a jailbreak-like method of gaining unsanctioned access to mobile devices. Instead of using official backdoors which are sometimes left by manufacturers, the company exploits security flaws found the OS itself. Leveraging these exploits, the software is able to inject code into the device which gives XRY unfettered access to the system, not unlike jailbreaking tools like ac1dsn0w or redsn0w.
In fact, finding exploits in every mobile OS update is what about half of Micro Systemation's 75 employees do.
The phone and tablet hacking tool sports a fairly intuitive interface, allowing individuals to use it successfully with minimal training. This sounds particularly useful for law enforcement and other agencies with limited monetary and technical resources.
As we've all heard, the legality of jailbreaking is on thin ice. However though, when authorities are using tools like XRY to crack criminal's smartphones, that seems to raise some red flags.
"If police have a warrant to be in the phone, this is just a way to get access to what they’re legally allowed to," Fakhoury says of the XRY tool. "But if they’re going to a protest and seizing folks for booking, and immediately running this on their phones and sucking everything out, we’ve got a real problem."
Source: Forbes
Micro Systemation claims its largest XRY client is the U.S. Military. "When people aren't wearing uniforms, looking at mobile phones to identify people is quite helpful", Dickinson explained as potential scenario.
Related Products from Product Finder
AT&T iPhone 4S
The iPhone 4S looks identical to last year's model but comes in a new 64GB flavor and upgrades the camera to include an 8-megapixel sensor with improved low-light performance and 1080p video capture. In terms of performance the new iPhone is reportedly up to 2x faster and is also capable of running on faster HSPA+ networks, reaching theoretical download speeds of up to 14.4Mbps.
Sprint 4S
Read expert reviews, pros & cons, and product information about Sprint 4S. There are 174 reviews available so far.
Apple iPhone 4S
The iPhone 4S looks identical to last year's model but comes in a new 64GB flavor and upgrades the camera to include an 8-megapixel sensor with improved low-light performance and 1080p video capture. In terms of performance the new iPhone is reportedly up to 2x faster and is also capable of running on faster HSPA+ networks, reaching theoretical download speeds of up to 14.4Mbps.
Samsung SPH-D720 Nexus S 4G
Read expert reviews, pros & cons, and product information about Samsung SPH-D720 Nexus S 4G. There are 17 reviews available so far.
User Comments: 9
Got something to say? Post a comment-
iPhone and Android passcodes can be bypassed within seconds by law enforcement agencies.
*fixed*
-
Turn Simple Passcode off in iOS, good luck cracking it.
-
How well does it work when the device is encrypted?? My tablet and phone (both android) are fully encrypted.... also I don't use a simple pin. I have a full password on my tablet. How does the software stack up then. Curious for my own sake...
-
seriously....4 digit password are you kidding me "sounds like something a ***** would have on his luggage"(spaceballs movie).
My cat could break 4 digits I'm unimpressed with this software, and depressed that anyone would use simple passwords on there mobile device(sigh).
-
If I remember correctly, my iphone is set to delete all data after a few unsuccessful attempts, how that works for brute force method I wonder?
So many unanswered questions!
-
Guest said:
If I remember correctly, my iphone is set to delete all data after a few unsuccessful attempts, how that works for brute force method I wonder?
So many unanswered questions!
Haha, if I were your friend and knew that, I would have tried random password and deleted all your files and said ''I didn't know''
-
This is stupid, why? Because governments are already listening to you while you're talking, messaging, using gps or browsing the internet! Everything you have on your phone, mobile company's has it!
-
DanUK said:
Twixtea said:Guest said:If I remember correctly, my iphone is set to delete all data after a few unsuccessful attempts, how that works for brute force method I wonder?
So many unanswered questions!
Haha, if I were your friend and knew that, I would have tried random password and deleted all your files and said ''I didn't know''
+1 !
Having your iphone delete all data after a few unsuccessful attempts sounds so paranoid hah.
-
DanUK said:
Having your iphone delete all data after a few unsuccessful attempts sounds so paranoid hah.
Better to have it auto delete if you lose your phone then to have a random person have all your contacts and information. I have a program on my phone that does the same, it also has an option that will let me manually delete all information with a text message with the right info sent to it.
Most Popular
| Trending | Featured |
Subscribe to TechSpot
Get free exclusive content, learn about new features and breaking tech news.