Kochi, Dec 3: Hemanth Joseph, an engineering student, has found out a route to bypass Apple's highly secure activation lock, which allows the owner to prevent others from using the iPhone, iPad, iPod Touch or Apple Watch once it is stolen or lost.
What Joseph used was the security lapse in the input fields for name, username and password. "There was no character limit in those input fields. No one will set a Wi-Fi name with a 10,000-letter name or a password with 10,000 letters so a character limit is important for fixing this bug," Joseph wrote in his blog, after his friends prompted him to reveal how he did it.
It all started with Joseph buying a used iPad from eBay for his friend and finding out that it was locked by the previous owner. While playing around with the 'bricked' tablet, he found out that it doesn't have a character limit for input fields for the verification before connecting to the 'another Wi-Fi network' option. "We can enter as many characters as we like to that field. Perfect for creating an OverFlow," he wrote in his blog.
Joseph, who calls himself a 'security researcher', ventured into the world of 'bug hunting' at a relatively young age - while studying for plus two. Few months ago, he won US$ 7,500 (Rs 5 lakh) from Google for pointing out a bug in its Cloud platform. Similar feats won him acknowledgements from more than 45 companies, which include AT&T, Pebble, Twitter and Microsoft. This time, Apple has written to him saying they are investigating the issue.
Comments
keep doing your great work.
Brilliant! No doubt we have good brains.
It has been 43 years since the first mobile phone invented by Motorola, I don't think we indians have our own full fledged mobile manufacturing unit in India at all. All assembled phone parts are imported from China.
Best Of luck My INDIAN Brother ....
For Viren , this is an IT Crusade i think
Keep it up Joseph
why always talent like this is coming from kerala.
Brilliant!Congratulations! Ideal engineering student,need of the hour,we need more from such people who are capable of skill development.
So iOS too is insecure ... wonder why the BJP is pushing for demonetization when a card can be hacked in 6 seconds ... bunch of hypocrites and deshdrohis ... may the Almighty save our India ... Jai Hind ...
i wana marry him.
This genius will surely get job offer from top IT companies.
Brilliant...well done Joseph...that's true IT talent
Add new comment