The iOS Activation Lock feature was considered as the "end" for iPhone and iPad thefts. Thieves would no longer be able to wipe and reuse stolen devices, as even after a full wipe those devices will still require the legitimate owner's iCloud credentials. Now, two hackers known as Team DoulCi (iCloud backwards) have shown there's an easy way to bypass the activation lock, rendering the system, as it currently is, useless.
A locked device will try and contact Apple to see if it has the permission to be activated. This hacker team simply found a way to redirect that request to a non-official activation server that tells the device that everything is ok, tricking it into working again.
Sure, they say this tool should be used only by legitimate owners that have unwillingly found themselves locked out of their devices (forgotten password, devices from members of the family that have died and haven't left their passwords, etc.) but we all know that for each legitimate activation using this tool there will be thousands that aren't legitimate at all.
A very harsh reminder that no security system is really infallible.
No comments:
Post a Comment