Apple is pretty uptight when it comes to security, but hasn’t always done the best job at it. From the iOS 8 fingerprint bug to the whole iCloud fiasco, there is a lot that has been overlooked. I know jailbreaking your device isn’t the safest idea in the world, but if you have a password-protected iOS device that also happens to be jailbroken, it might not be so protected afterall. A new software-only tool, TransLock, can bypass iPhone passcode and get inside without requiring a reset on the iOS.
Previously, this was made possible with the help of a hardware-based “IP Box” tool. Through the use of a USB connection, the idea is to brute force the PIN-protected device until it reveals its secrets. Brute force attacks try every possible PIN combination until the correct one is found.
Here’s how a hardware-based setup looks like;
TransLock
TransLock does essentially the same thing, but it is software-based only so you don’t have to invest in an expensive setup. It checks all combinations from 0000 through to 9999. Naturally, each try takes time, and the device also gets disabled after certain number of wrong tries within a short span of time. So giving each attempt a time window of 5 seconds, this tool, in the worst-case scenario, will take about 15 hours to crack the PIN.
The only caveat for this program is that the device must be able to run unsigned code, i.e., the device must be jailbroken. So if your device isn’t jailbroken, you don’t need to worry about others hacking into your phone. Also, if you use a complex PIN code, it becomes exponentially difficult for this tool to crack it – virtually rendering it useless.
This tool can be useful in cases where you have forgotten your passcode, or simply have been locked out of your own device by someone else.
Note: We do not, by any means, encourage the usage of a tool like this for malicious purposes. It can be a lifesaver in certain situations, and eye-opening in others. So it is worth reading about and realizing the risks your jailbroken iDevice faces.
What do you think about tools like this that bypass phone security?