Last week, a Swedish company, Micro Systemation, claimed that it had developed an application called XRY that law enforcement uses to access information from the passcode-protected iPhones and Android-based smartphones of criminal suspects or military detainees.
The company also published a video, which suggested that it was very easy to crack an iPhone’s passcode.
iOS hacker and developer Chronic has written a blog post to clear up misconceptions. He explains that applications like XRY rely on exploits used in jailbreak tools:
They do not use anything special that is “similar to” the exploits used in jailbreak programs; they are simply loading a custom ramdisk by utilizing the publicly available “limera1n” exploit by George Hotz. The ramdisk isn’t even very special, because anyone could put together their own using open source tools. The only “special” thing XRY has done is create a tool that is simple enough to be utilized by LE personnel.
He also clarifies that the “limera1n” exploit used by applications like XRY was patched by Apple in the A5 chip, which powers the iPad 2 and iPhone 4S, and in the A5X chip, which powers the iPad 3, as our reader Sghfdhh also pointed out in the original post.
The simplest way to “thwart” the use of this software on your phone would be to get the latest model, because (as people who are familiar with jailbreaking know) the limera1n exploit is fixed in the bootrom of the A5 (iPad 2 and iPhone 4S) as well as the A5X (iPad 3) chip.
Chronic also points out that it was possible to crack the passcode in 2 minutes because the passcode used in the video was 0000. As we had pointed out, you can make the passcode tougher to crack by using one that is long and includes letters, punctuation, symbols, and numbers (Settings -> General -> Passcode Lock -> Turn off the Simple Passcode toggle -> enter a new passcode).
Not surprisingly, Micro Systemation has pulled the “we can crack the passcode in 2 minutes” video from YouTube.