Fruity cargo cult Apple’s delays in fixing its iCloud security problems have come under fire from a hacker.
Apple has been pushing its security tools which can switch off lost or stolen iPhones. Activation Lock was a fail-safe introduced in iOS 7 to keep stolen iPhones and iPads from being usable. The system is designed to keep the contents of locked devices unreadable and unable to be erased without the user’s Apple ID.
But a flaw in Apple’s superior rounded rectangle programming iCloud means that hackers can get around Activation Lock using a free tool. This means that any security is just token and content can be accessed.
If you have lost your iOS devices, a hacker who knows about the problem can break into them despite the feature that is supposed to protect them.
Hacker AquaXetine took to Twitter today to announce that Apple was “soooooooo toooo late” to fix the problem.
AquaXetine who warned Apple of the security issue a “couple months ago” worked alongside MerrukTechnolog to create what they say is the first “iCloud Activation Bypass”.
The bypass is a form of a “man-in-the-middle attack,” which means that it intercepts traffic going between a device and Apple’s servers. It would require a new update from Apple to patch it, however that really depended on Apple being on the ball.
Being on balls is not something Jobs’ Mob does. For it to release a patch, it first has to go through an extensional crisis whenever it realises its software is not perfect.
Apparently, Apple has just gotten around to ask him to get in touch. AquaXetine has released his bypass tool, called DoulCi, and it remains available for thieves to unlock stolen iPhones.
Apple hasn’t responded to AquaXetine’s statements but then again it rarely does.