clock menu more-arrow no yes

Filed under:

iOS hacker Chronic corrects XRY passcode cracking claims for iPhone and iPad

New, 10 comments

iOS hacker Chronic has called into question the reported claims of Micro Systemation's law-enforcement hacking tool XRY, stating that the app only works on older iOS devices and that its abilities are quickly thwarted by simply using a more complex password.

iPhone PIN code unlock
iPhone PIN code unlock

Last week Forbes reported on the Swedish company Micro Systemation, whose software XRY is used by law-enforcement officials to gain access to data stored on password-protected mobile devices. According to iOS hacker Chronic, however, Apple's devices may not be nearly as vulnerable as suggested. In a blog post, Chronic states that for iOS products, the XRY tool is doing nothing more than piggybacking on the well-known "limera1n" jailbreak exploit released by George Hotz. The vulnerability used in limera1n, however, was patched by Apple in both the A5 and A5x chips, leaving the iPhone 4S, the iPad 2, and the current-generation iPad immune to the software altogether. Additionally, Chronic states that Micro Systemation's claimed ability to crack an iOS device's passcode in two minutes — demonstrated in a video, no less — only works if a simple passcode of "0000" is utilized. If you're concerned about third parties being able to access your data in this manner and don't want to upgrade your device, Chronic recommends turning off the "simple passcode" option under General > Passcode Lock in the iOS Settings app. Utilizing a longer password will increase the time time needed for XRY's brute-force passcode cracking.