As a standard security measure, Apple’s iPhone can be set to require a four-digit passcode whenever the phone’s screen is powered on in order to prevent unauthorized access. With passcode security enabled, a user’s information is theoretically kept private if his or her device ever falls into the wrong hands. A recent Forbes report reveals that law enforcement agencies can bypass the iPhone’s passcode requirement in less than two minutes, however, gaining access to all of the private data stored on the devices. Read on for more.
Unlike various bugs that have been found within iOS to bypass the code, law enforcement agencies use a special program from Micro Systemation, a Sweden-based firm that sells tools to give law enforcement and military customers access to devices belonging to suspected criminals.
The software, called XRY, can quickly crack an iOS or Android phone’s passcode, dump its data to a PC, decrypt it, and display information such as the user’s GPS location history, files, call logs, contacts, messages and even a log of keystrokes in some cases. XRY doesn’t use “backdoor vulnerabilities,” but rather “seeks out security flaws in the phone’s software,” similar to jailbreak exploits that can gain unrestricted access to an iPhone.
Users who set longer passcodes can make a device far more difficult to crack according to the report, and in some cases it can take so long for software like XRY to work that officials give up. A video showcasing the software follows below.