I've always thought of an iPhone passcode as being fairly secure โ€” it's a 4-digit number, whith a lockout that prevents just mashing buttons until you find the right answer. But apparently, there's a cheap box that can get hack your security, no matter what.

According to MDSec, there's a $300 device called an IP Box that brute-forces iPhones over USB. Rather than trying each passcode physically on the screen, it uses USB to enter the passcode. If the attempt is incorrect, the box cuts power to the phone, preventing it from recording the failed passcode attempt, and thereby granting the box unlimited guesses at your passcode.

Advertisement

Each PIN entry takes 40 seconds, which means that bypassing the passcode will take around 4-5 days. That might seem like a long time, but given the wealth of data lurking on your smartphone, it's probably worth the wait. Just another reminder that the data on your phone is never really truly safe. [MDSec]