Here’s How This Guy Froze iPad To Break Its “Activation Lock” Security Feature


Short Bytes: iCloud Activation Lock is a feature which stops a person from using an iPad or iPhone in case it gets stolen. A guy named Hemanth Joseph has successfully bypassed the iCloud Activation Lock by entering thousands of characters in the WiFi password field.

Hemanth Joseph, a security researcher based in Kerala, India, bought a second-hand iPad Air (iOS 10.1) from the e-commerce website eBay. He didn’t expect to get fooled by the seller. Joseph couldn’t access the iPad Air as it was protected by iCloud lock protection.

iCloud lock protection is a security feature included in Apple iPads to prevent unauthorized to access the device in case it gets lost of stolen. iCloud lock can be enabled using the Find my iPhone feature present on devices running iOS operating system.

Until now, there was no possible way to get past the iCloud Activation lock without entering the Apple ID and password associated with it. Joseph notified Fossbytes via a message that he was able to break the iCloud activation lock on his iPad Air.

Thousands of characters can be entered in the password field.

iOS devices connect to a WiFi network to check whether the iCloud activation lock is enabled for the device or not. While connecting to a wireless network, iPad allows an unlimited number of characters in the password field. Joesph exploited this functionality by entering thousands of characters in the password field – after choosing WPA2 Enterprise in Other Network – until the iPad froze.

Joseph pressed the sleep/wake button hoping it would land him on the home screen but it only restarted the Activation lock. He, then, used the Smart Cover to lock the frozen device and then unlock it. After waiting for a few seconds, the iCloud Activation lock crashed and the home screen was displayed on the device, enabling him to use the device.

Apple has been notified about the bug and a fix has been released. Joesph said that the company should limit the length of the password as people don’t make passwords longer than 50 characters in practical scenarios.

Hemanth Joseph has uploaded the iCloud activation lock bypass video on his Google Drive account.

Read more about the bypass method in Joseph’s blog post.

If you have some something to add, tell us in the comments below.

Now Watch: Best Ways To Destroy An iPhone

Similar Posts