Kerala-based researcher breaks Apple’s iPad lock

Apple’s devices are known for the security they offer to the users. They are rather difficult to hack. However, Hemanth Joseph, a Kerala-based security researcher appears to have discovered a bug in Apple’s iOS 10.1 operating system, which allowed him to get past iPad’s activation lock.

Joseph, who discovered a weakness in the iOS device setup process, decided to test it on a locked iPad he had purchased from eBay. When asked to choose a Wi-Fi network, he selected ‘other network’ and proceeded to fill its name and a WPA2-enterprise key in with numerous characters. His motive was the freeze the iPad and it worked. He began to work on a way to make the set-up process fail. After spending time fiddling with the sleep/wake button and Apple’s Smart Cover, Joseph succeeded at breaking the iPad’s activation lock. He demonstrated the bypass in a video uploaded to Google Drive.

This bug was reportedly fixed by Apple in an iOS update last month.

Hemanth Joseph, who is currently working as information security researcher at the first Slash Secure, is also serving as commander at Kerala Police Cyberdome. He is the founder of India’s first open security community for students called 0SecCon and has been listed on Google’s Hall of fame for reporting a critical vulnerability in Google Cloud Platform.

A similar issue was discovered by researchers at US-based Vulnerability Lab in iOS 10.1.1 previously. In this scenario, the home screen appeared for an instant and then disappeared.

The danger is that a criminal can quite easily replicate the attack on another person’s Apple device and be able to set it up as a new device.