Jump to content



Photo

iCloud and iOS activation lock hacked


  • Please log in to reply
12 replies to this topic

#1 #Michael

#Michael

    Neowinian Senior

  • 6,177 posts
  • Joined: 28-August 01

Posted 22 May 2014 - 13:59

I suppose this goes along with yesterday's report with ebay:

 

 


An anonymous hacker who has exploited an iCloud security flaw that lets anyone unlock a lost or stolen iPhone says Apple contacted him about the matter today, but he deleted the email.

“They have asked me to contact [them] as quickly as possible, but why now?” the hacker, who goes by AquaXetine, said in an email to Cult of Mac. “I’ve already warned Apple couple months ago.” Cult of Mac confirmed that the email did in fact come from Apple.

The hack, which is the first of its kind, bypasses the iCloud security system for locked iOS devices called Activation Lock. By using the free DoulCi site, which appeared to be offline most of the day but is now back up, a locked iOS device can be tricked into thinking it’s talking to Apple’s iCloud servers when connected to a computer.

 

 

Full article over at cult of mac: http://www.cultofmac...se-little-late/




#2 Co_Co

Co_Co

    g status

  • 6,297 posts
  • Joined: 26-July 04
  • Location: Toronto, Canada

Posted 22 May 2014 - 14:23

this guy can suck an egg. doesn't matter how long apple takes to email you back, you obviously did it to help the black market. 



#3 OP #Michael

#Michael

    Neowinian Senior

  • 6,177 posts
  • Joined: 28-August 01

Posted 22 May 2014 - 14:33

this guy can suck an egg. doesn't matter how long apple takes to email you back, you obviously did it to help the black market. 

 

I would also say based on this person's tweets that it sounds like he/she is a teenager.  Very immature language.



#4 Dan~

Dan~

    Neowinian Senior

  • 2,667 posts
  • Joined: 21-May 03

Posted 22 May 2014 - 14:35

I see a lot of phones on Ebay saying iCloud activation lock?  What does that mean?  Basically stolen? Is there a legitimate way around them, or are they basically dead?



#5 +Chicane-UK

Chicane-UK

    Neowinian Senior

  • 9,788 posts
  • Joined: 02-November 01
  • Location: The UK!
  • OS: MacOS 10.9 Mavericks
  • Phone: Google Nexus 4

Posted 22 May 2014 - 14:45

Does seem a bit of a mistake to think you can you go head to head with one of the worlds largest tech companies and not come out having taken a bit of a beating. 



#6 Deleted Bye

Deleted Bye

    Neowinian Senior

  • 3,781 posts
  • Joined: 17-June 09

Posted 22 May 2014 - 14:47

I see a lot of phones on Ebay saying iCloud activation lock?  What does that mean?  Basically stolen? Is there a legitimate way around them, or are they basically dead?

 

this is the owners of any IOS7+ devices "kill switch". Not always stolen but could be. When an owner of an IOS7+ device logs in with their apple ID (icloud username/password) the system registers the serial number of the device on apples servers. Any time there after, any time that device needs to be activated, it needs this username and password UNLESS the user has removed "FIND MY IPHONE".

 

So lets say someone steals your device (or you lose it). 2 scenarios:

 

1) Lets say you didn't have your phone locked. Well, the thief (or finder) could go in and say "RESET THIS DEVICE" which it would. BUT when its done and comes back on, when it was time to activate the device, you NEED to put in the apple ID (icloud) information or the device is a brick. 

 

2) Lets say you did have your phone locked. Well, the thief (or finder) could plug into iTunes and do a full system restore/wipe which it would. BUT when its done and comes back on, when it was time to activate the device, you NEED to put in the apple ID (icloud) information or the device is a brick. 

 

If the user DOES NOT remove this apple ID from "FIND MY IPHONE" before selling it, or giving it away, it is a brick to the new owner.



#7 Deleted Bye

Deleted Bye

    Neowinian Senior

  • 3,781 posts
  • Joined: 17-June 09

Posted 22 May 2014 - 14:55

who the heck would input their username password into here???!!!! lol

 

http://doulci.net/#crew



#8 jasondefaoite

jasondefaoite

    Neowinian

  • 1,487 posts
  • Joined: 04-October 02
  • Location: Ireland - Singapore

Posted 22 May 2014 - 15:05

who the heck would input their username password into here???!!!! lol

 

http://doulci.net/#crew

 

Er .. no one? It's an image. No text fields.

 

The only thing you need from the site is the server IP to add to your HOSTS file. After that fire up itunes and it should activate without knowing the user/pass for the locked phone.

 

While all things get hacked, I think Apple's response to this was ###### to say the least. The guy emailed Apple over this 2 months ago and as usual was ignored. No reply. So now the server has gone live and is unlocking phones, Apple emails him. Too little too late.

 

Apple need to get this fixed.
 



#9 Co_Co

Co_Co

    g status

  • 6,297 posts
  • Joined: 26-July 04
  • Location: Toronto, Canada

Posted 22 May 2014 - 15:32

Er .. no one? It's an image. No text fields.

 

The only thing you need from the site is the server IP to add to your HOSTS file. After that fire up itunes and it should activate without knowing the user/pass for the locked phone.

 

While all things get hacked, I think Apple's response to this was #### to say the least. The guy emailed Apple over this 2 months ago and as usual was ignored. No reply. So now the server has gone live and is unlocking phones, Apple emails him. Too little too late.

 

Apple need to get this fixed.
 

1) a nobody emails a large corporation with a unverified claim

2) this email has to find the right people in charge of iOS security and the right person in charge of managing personnel 

3) other work is on-going so how much time or resources do you allocate to an unverified claim from a random email

4) once you start looking into the issue how long do you think it would take to research potential sources of the flaw 

 

if you think you can just email google and they will be like "hey thanks for the heads we are stopping all development and focusing on the issue you brought up" thats cray -cray 



#10 +LogicalApex

LogicalApex

    Software Engineer

  • 6,320 posts
  • Joined: 14-August 02
  • Location: Philadelphia, PA
  • OS: Windows 7 Ultimate x64
  • Phone: Nexus 5

Posted 22 May 2014 - 15:43

1) a nobody emails a large corporation with a unverified claim

2) this email has to find the right people in charge of iOS security and the right person in charge of managing personnel 

3) other work is on-going so how much time or resources do you allocate to an unverified claim from a random email

4) once you start looking into the issue how long do you think it would take to research potential sources of the flaw 

 

if you think you can just email google and they will be like "hey thanks for the heads we are stopping all development and focusing on the issue you brought up" thats cray -cray 

A large company like Apple should have a dedicated security team who verifies and prioritizes these "random" emails. I imagine that most vulnerabilities reported appear to come from random individuals. Especially with the bounties most companies offer to incentivize prompt reporting to them first.

 

Someone at Apple dropped the ball here; at least that what it appears to be in my cursory skimming of the issue at hand.



#11 Deleted Bye

Deleted Bye

    Neowinian Senior

  • 3,781 posts
  • Joined: 17-June 09

Posted 22 May 2014 - 16:33

Er .. no one? It's an image. No text fields.

 

The only thing you need from the site is the server IP to add to your HOSTS file. After that fire up itunes and it should activate without knowing the user/pass for the locked phone.

 

While all things get hacked, I think Apple's response to this was #### to say the least. The guy emailed Apple over this 2 months ago and as usual was ignored. No reply. So now the server has gone live and is unlocking phones, Apple emails him. Too little too late.

 

Apple need to get this fixed.
 

ohhh, shoot, didn't even notice that, i assumed for some reason they needed your ID to do it and didn't notice it was just a pic.



#12 Astra.Xtreme

Astra.Xtreme

    Electrical Engineer

  • 8,170 posts
  • Joined: 02-January 04
  • Location: Milwaukee, WI

Posted 22 May 2014 - 16:46

A large company like Apple should have a dedicated security team who verifies and prioritizes these "random" emails. I imagine that most vulnerabilities reported appear to come from random individuals. Especially with the bounties most companies offer to incentivize prompt reporting to them first.

 

Someone at Apple dropped the ball here; at least that what it appears to be in my cursory skimming of the issue at hand.

That actually probably is the case, but emails that are sent full of immaturity will likely get ignored.  Going by the (kid's?) Twitter account, he has a pretty p*ss poor attitude.  If I email any company and say "lololollolo I haxored your sh*t.  You've been warned...", I don't think they would give a damn.



#13 Co_Co

Co_Co

    g status

  • 6,297 posts
  • Joined: 26-July 04
  • Location: Toronto, Canada

Posted 22 May 2014 - 18:24

i dont think most vulnerabilities come from random people. they come from security researchers from respected firms, they come from people working on shared tech like chromium project updating webkit or google security, they come from people who don't email from a gmail or hotmail account

 

you can look at these for example most come from google people 

 

http://support.apple.com/kb/HT6150

http://support.apple.com/kb/HT6254

 

that submit vulnerabilities page linked above doesn't go directly to the project manager in charge of iOS or OS X security, someone has to filter and forward it and rank its importance based on lots of factors like who it comes from and what they say in the email 

 

like i said, if your a nobody who emails apple don't expect an immediate response