Apple's Activation Lock Isn't Really Secured, Researchers Revealed

By Precious Gem de Peralta
iOS 10
Security researchers have discovered bug in iOS 10.1 and iOS 10.1.1 that allowed anyone to bypass the activation lock of the iOS device. The vulnerability in the iOS 10.1 was already patched on Nov. 16 while the upcoming iOS 10.2 update will resolve the issue in the iOS 10.1.1. iPhoneDigital / Flickr

Though iOS devices are more secure than Android devices, researchers have recently discovered bugs in two current versions of iOS 10. They have found out that someone else can bypass the activation lock of your iPhone or iPad other than yourself. Two separate security researchers have explained how it is possible.

According to Forbes, security researcher Hemanth Joseph from Kerala, India was able to exploit a vulnerability in the iOS device setup process. He purchased a locked iPad from eBay. Joseph explained how he did it on his website. He also has uploaded a video of the demonstration in Google Drive.

The purpose of the Activation Lock is to prevent anyone from accessing your iOS device. Those who attempt to do this is required to input the username and password of the owner's iCloud account. They wouldn't be able to unlock it unless they filled those details correctly. Naturally, there will be no use of the device for them.

Joseph shared that he chose "other network" when he was prompted to instead of selecting those that are mentioned. He filled the name and as well as the WPA2-enterprise key. Now, the latter field is instrumental. He out thousands of characters. This caused the iPad to freeze. He eventually succeeded in making the setup process fail and access the home screen. Joseph had to use both sleep/wake button and magnetic catch in Apple's Smart Cover.

The timing is also crucial to achieving this. He said that he reported this to Apple back on Nov. 4. The next day, he got a reply that asked for further details about his exploit. He immediately mailed them back with additional information. By Nov. 16, Apple has issued a security update that fixed this flaw in iOS devices.

The bug in the iOS 10.1.1 was discovered by researchers at Vulnerability Lab. The process they went through was almost similar to what Joseph did. They had overloaded the WiFi setup fields and utilized the smart cover. Both have made the home screen appear for a moment until it disappears. The lab's founder Benjamin Kunz-Mejri said to Security Week that they also quickly pressed the sleep/wake button to keep the device open.

Though both security researchers acted with good intentions, it is possible that cybercriminals could do the same thing for a whole different purpose. Forbes also pointed out that they did not specify if the home screen that appeared works. Apple is yet to patch the flaw in the iOS 10.1.1. However, the iOS 10.2 is already in its beta stage. This vulnerability might have been resolved once it becomes available for consumers.

  • [Exclusive Interview] A revelation within the brink of life and death — Meg Leung’s mission in Christian art

    Meg Leung (梁麗橋), an artist with a lifelong love for watercolor painting, sees her art as more than a means of expressing her inner world; it is a bridge connecting her to God. Her artistic journey has revealed God’s perfect plan and inspired her to communicate the power of faith through her wor

  • Transgenderism a fundamental human right? Hong Kong public disagrees, survey finds

    A 2024 survey from the Society for Truth and Light (明光社)'s Center for Life and Ethics Research reveals that respondents from various backgrounds prioritize personal safety and fairness when it comes to transgender issues. When laws involve moral judgments, most respondents believe courts should not make the decisions. The study also indicates that religious believers share similar views with non-religious respondents, reflecting that many churches may rarely address gender topics in depth.

  • Discipleship and Evangelism: Walking the Path of the Great Commission

    Like an ever-flowing spring, the gospel refreshes dry, parched lands and needs our unwavering passion and steadfast faith to transform lives and bring renewal. The "flame in our hearts" calls Christians to keep their faith and love for the Lord ablaze, representing the work and power of the Holy Spirit, driving us to proclaim God's glory boldly.

  • North America Chinese Evangelical Seminary year-end report highlights significant ministry progress

    As the year draws to a close, Rev. James Liu, President of the Chinese Evangelical Seminary North America (CESNA), reflected on the seminary’s remarkable growth and ministry development over the past year. Dedicated to providing theological education to Chinese Christians, CESNA continues to uphold its mission to remain faithful to the gospel and nurture believers. This year’s achievements span academic, ministerial, and outreach endeavors, fostering spiritual growth and advancing missionary wo

Top Stories