Security Flaw That Lets You Bypass iOS 10.1.1 Strongest Security Feature

Apple products like the iPhone, iPad, Mac book are the most desirable technological gadgets widely used around the world. Many use these tech gadgets for different reasons and most users view Apple products as more superior and secure, in comparison to android devices. But even the mighty has an Achilles heel.

A very ridiculous vulnerability or bug has been discovered in Apple’s iOS 10.1 and 10.1.1 devices. The discovery was initially posted on Vulnerability Lab, but the discovery was made by Benjamin Kunz Mejri whose job is to find loop-holes in the iOS operating system.

This loop hole, allows users or hijackers to bypass the iCloud activation lock on lost or stolen devices.

When an iPad or iPhone is remotely locked by a user may be due to theft, the device requires an iCloud sign-in to unlock or gain access. To complete authentication, the device needs internet connection, and one option in doing this , is to sign in to a locked Wi-Fi network.

To continue the  Wi-Fi sign-in process, the user is given two text input fields with non restrictive character limits. Kunz Mejri observed that by copying and pasting huge chunks of text over and over again into both fields,  the entire system crawls to a halt. When the device is put to sleep by a Smart Cover, once the cover is reopened, the activation lock is gone and the user can navigate the home screen.

The previous version of this exploit was discovered by Hemanth Joseph of Slash Secure, and it affected iOS 10.1. The next update of iOS 10.1 seemed to fix the issue. But Kunz Mejri found out that he could still initiate activation lock crash by using Night Shift mode while simultaneously turning the device back and forth on its side and prompting the perspective to switch.

Consequently, it seems like the operating system just gives up lets in the intruder.