We all know that iOS is one of the most secure mobile platforms on the market, but it’s far from perfect. How else do you think hackers are able to find exploits in the software that allow us to jailbreak our devices?

With that in mind, it’s no surprise that the folks over at Micro Systemation, a Swedish security firm, are able to bypass an iPhone’s passcode lock in under 10 minutes. Don’t believe it? Watch this video…

The security firm calls its in-house software XRY, and as you can see, it’s very effective. Using exploits similar to those used in jailbreaks, XRY can crack an iPhone’s passcode and download private data like call logs, contacts, and messages.

It’s scary how easy they make this look. It seems that even with a passcode set, your personal data on your iPhone is never safe, especially if you were to lose your phone. Luckily, Apple’s Find My iPhone service has a handy remote wipe button.

[Forbes via 9to5Mac]

  • Anonymous

    Wow, not good. :/

  • Anonymous

    Hey Jeff this Plugin Disqus was Exploit

    Vulnerability Description

    The WordPress Disqus Comment System version 2.68 was found to be affected by Reflected Cross-Site Scripting (XSS). At the time of writing the plugin (not version) had been downloaded 504,746 times.
    You can scan your wp with WPScan

  • I read some info on cracking the 4-digit passcode lock a while ago. I recall it said a text passcode can’t be cracked (or at least not yet). So the solution is to use a text passcode 🙂


    • Anonymous

      It doesn’t matter how secure the 4-digit passcode is. This software actually gets the passcode by dumping it, not by brute-force. This process would have worked just the same (and just as fast) had the passcode been “4291” or something else.

  • I use a functionality from igotya that doesn’t allow powering off the iPhone when it’s locked.. Will that protect me? Or can it still enter dfu mode?

    • Kok Hean

      Set in Activator to respring while holding the sleep button.

      • tim

        it doesn’t matter when it is done (during respring, or when the power off mode is disabled with igotya) dfu mode can always be achieved through the steps we all use to jailbreak our idevices (granted it is <a5). it's hard wired into ios, into the device. I read something that a user from Modmyi said about it, his name is orbyorb, if you're interested in knowing more about it. oh and btw he's totally using limera1n to get into that i4. I think he should have given geo some credit with this, goodness knows how many hours (geo I mean) put into it. at least mention what the exploit is called man!

    • Anonymous

      Holding home and power will still turn it off unfortunately.

    • Anonymous

      Worst case, then they’ll just run down the power while blocking all transmissions (wifi, cell).

      You’ve only delayed them a little bit. However, as another post says, no, it won’t.

  • The iPhone passcode was actually decrypted in actual 2:15 (it shows the 0000), not anywhere near the 10 minutes. I suggest you guys change it, as it is almost 5 times quicker than you claim.

  • Don’t you mean “Watch this security firm break an iPhone’s passcode in under 2 and a half minutes?” Did you even watch the video?

  • Luca D’Intino

    cool, now make another video for blackberry and android phones

  • Interesting.
    In order to get the passcode you will need root access to the iOS filesystem, which in other words means they are using exploits similar to the ones used in jailbreaking programs.
    As seen in the video this is only 5.0.1 on iphone 4,4 (4S) so they are likely to use already released exploits until they prove to perform the same thing on 5.1.
    If they are able to do so they have their own exploit for iOS 5.1 on A5 devices which is even more interesting.

    • To correct myself:
      The program changes the boot logo in an early boot process.
      Could be highly likely that they have a boot rom exploit for A5.

    • I don’t think it is an iphone 4s, I thought he said it was an iphone 4 in the video.

  • Imahottguy

    What scares me is that they sell this to government agencies, police, etc. So if for some odd reason the police have me in their cross hairs, they could just plug my phone in and dump the entire system, and/or retrieve the passcode and have a look for themselves. I realize that the police don’t just pick people for no reason, but mistakes DO happen, and I really do like my privacy. That’s kinda one of the reasons I have a passcode in the first place. On the other hand, I applaud this company for their l33t sk1llz! lol

  • What’s the big deal?
    They just used the limera1n exploit.
    Anyone can do that without their fancy application.


  • Anonymous

    It seems to be a bootrom exploit, so does that mean that this wouldn’t work on A5/A5X devices?

    • Anonymous

      yeap, it seems not to work on A5 devices…. at least not in 5.1

  • Anonymous

    “most secure mobile platforms”… I’m sorry, but I have to say: AHAHAHAHAHAHAHAHAHAHHAHAHHAHAHAHAHAHAHAHAHAHA
    OMG that was funny.

    A barely 2.5 minute hack and you have full access to the phone. You call this “most secure”? With this benchmark, no wonder why most i-fanboys proclaim APL products are secure from hacks and malware! They’re only counting the first two minutes of the product’s life!

    • get a life… weird that at sprint stores the salesmen have to install anti-virus for the androids they sell, I’ve seen this happening a lot of times… no system is perfect Dude, there are just those that are more secure than others…

  • Anonymous

    haha…. i think that can’t be done in an iphone 4S since there’s no “limera1n” nor an exploit to hack it… at least on 5.1 there isn’t.

  • Jonathan

    Is the software for sale?

  • Watch me break an iPhone in under 10 mins