This Cheap Hack Shows No iPhone PIN is Really Safe

By Chris Mills on at

I've always thought of an iPhone passcode as being fairly secure — it's a 4-digit number, with a lockout that prevents just mashing buttons until you find the right answer. But apparently, there's a cheap box that can hack your security, no matter what.

According to MDSec, there's a $300 (£205) device called an IP Box that brute-forces iPhones over USB. Rather than trying each passcode physically on the screen, it uses USB to enter the passcode. If the attempt is incorrect, the box cuts power to the phone, preventing it from recording the failed passcode attempt, and thereby granting the box unlimited guesses at your passcode.

Each PIN entry takes 40 seconds, which means that bypassing the passcode will take around 4-5 days. That might seem like a long time, but if it means that stolen iPhones can be sold as legitimate devices, it's probably worth the wait. Just another reminder that the data on your phone is never really truly safe. [MDSec]