Remember that two-minute passcode lock exploit we told you about last week? The one by Swedish security firm Micro Systemation behind the XRY app that can get to your data, including contacts, messages and call logs? Well, prominent hacker Chronic has proved them wrong. In an effort to set the record straight, the hacker posted a clarification on his website that pretty much debunks their claim.
Though the XYR tool taps a popular jailbreak exploit, Chronic is adamant the two minutes it takes to crack your passcode is only valid if you set your passcode to ‘000’. Conspicuously, that’s the passcode the firm showed in their demo clip. Interesting enough, the original video of the exploit in action is no longer available on YouTube.
The two-minute passcode crack is a “linkbait”, explains the prominent hacker who goes by his real name Will Strafach. According to his blog post from yesterday, the Micro Systemation exploit only holds true if your passcode is set to ‘0000’, adding:
The only “special” thing XRY has done is create a tool that is simple enough to be utilized by LE personnel.
Furthermore, it won’t work on the iPhone 4S, iPad 2 and the new iPad.
The simpliest way to “thwart” the use of this software on your phone would be to get the latest model, because (as people who are farmilliar with jailbreaking know) the limera1n exploit is fixed in the bootrom of the A5 (iPad 2 and iPhone 4S) as well as the A5X (iPad 3) chip.
He’s also saying people unwilling to upgrade their device to the latest model can protect themselves from passcode-cracking tools such as Micro Systemation’s XYR app by setting a lengthier password.
Just open open Settings on your device, tap General, then Passcode Lock and disable the Simple Passcode toggle. This will help better secure your device as it takes “much longer than two minutes” to crack a lengthy passcode.
I must admit, I have my device protected with a simple four-digit passcode. I’m just not fond of long passwords as these take much longer to type in each time I unlock my device.
How about you? Do you use a simple passcode or a lengthier one?