top of page

"Huckleberry Finn" - Gruppe für Lehrer

Öffentlich·7 Mitglieder
Zurück
Daniel Foster
Daniel Foster
17. Juni 2023

How to Break Activation Lock on iPad with iOS 10.1.1 Using a Simple Glitch | iMore





Exploit Bypasses Activation Lock on iPads Running iOS 10.1.1




Activation Lock is a feature that prevents anyone else from using your iPhone, iPad, or iPod touch if it's ever lost or stolen. It links your device to your Apple ID and password, so that even if someone erases your device or puts it in recovery mode, they won't be able to reactivate and use it without your permission. This makes your device less valuable for thieves and increases your chances of getting it back.




Exploit Bypasses Activation Lock on iPads Running iOS 10.1.1



However, a security researcher has discovered an exploit that can bypass Activation Lock on iPads running iOS 10.1.1, an older version of Apple's operating system. The exploit uses a buffer overflow technique that causes the device to freeze and glitch out when entering very long strings of characters in the Wi-Fi settings. By rotating the device, closing and opening its Smart Cover, and timing a press of the Home button, the exploit can access the Home screen for a split second and bypass Activation Lock entirely.


In this article, we will explain what Activation Lock is and how it works, how to check and enable it on your device, how to remove it if you need to, how the exploit can bypass it on iPads running iOS 10.1.1, and how to protect your iPad from this exploit and other threats.


What is Activation Lock and How Does It Work?




Activation Lock is a feature that was introduced in iOS 7 and is available on devices that support Find My, such as iPhone, iPad, iPod touch, Apple Watch, and Mac. Activation Lock is designed to make your device less attractive to thieves and increase your chances of recovering it if it's ever lost or stolen.


When you turn on Find My on your device, Activation Lock is enabled automatically. This means that your Apple ID and password are required to erase or reactivate your device. Even if someone wipes your device or puts it in recovery mode, they won't be able to use it without entering your credentials. This also applies to devices that you buy from someone else. You should always check the Activation Lock status of a device before purchasing it, and ask the seller to remove it if it's still on.


Activation Lock also works with Lost Mode, a feature that lets you remotely lock your device, display a custom message with your phone number, and track its location. Lost Mode also disables Apple Pay and other features on your device for your security. You can use the Find My app on another device or iCloud.com/find on a web browser to access Lost Mode and other Find My features.


How to Check and Enable Activation Lock on Your Device




Check Activation Lock Status




If you want to check if Activation Lock is enabled on your device, you can follow these steps:


  • On your device, go to Settings > [your name] > Find My > Find My [device]. If you see "Find My [device]" and "Send Last Location" on, then Activation Lock is on.



  • If you don't see "Find My [device]" in Settings, then your device doesn't support this feature and Activation Lock is not available.



  • If you want to check the Activation Lock status of a device that you don't own, such as one that you want to buy from someone else, you can use the Check Coverage website. Enter the serial number or IMEI of the device and click Continue. If you see a message that says "Activation Lock: On", then the device is still linked to someone else's Apple ID and you should ask them to remove it before buying it.



Enable Activation Lock




If you want to enable Activation Lock on your device, you need to turn on Find My on your device. This will also allow you to use other features such as locating, locking, and erasing your device remotely. To turn on Find My on your device, you can follow these steps:


  • On your device, go to Settings > [your name] > Find My.



  • If you're asked to sign in, enter your Apple ID and password.



  • Tap Find My [device], then turn on Find My [device]. If your device is offline, tap Enable Offline Finding to find your device even when it's not connected to Wi-Fi or cellular.



  • To help someone return your device to you, turn on Send Last Location. This will automatically send the location of your device to Apple when the battery is critically low.



How to Remove Activation Lock from Your Device




Remove Activation Lock on the Device




If you want to remove Activation Lock from your device, you need to enter the Apple ID and password that you used to set up your device. This will also turn off Find My and erase all of your data and settings from your device. To remove Activation Lock on your device, you can follow these steps:


  • On your device, go to Settings > General > Reset > Erase All Content and Settings.



  • If you're asked to enter your device passcode, enter it.



  • If you're asked to enter your Apple ID and password, enter them.



  • Wait for the process to complete. Your device will restart and display the Hello screen.



Remove Activation Lock on the Web if a Device is Offline




If you want to remove Activation Lock from a device that is not connected to the internet, you can use iCloud.com/find on a web browser. This will also turn off Find My and erase your device remotely. To remove Activation Lock on the web, you can follow these steps:


  • On a computer or another device, go to iCloud.com/find and sign in with your Apple ID and password.



  • Click All Devices at the top of the screen and select the device that you want to remove.



  • If the device is offline, click Remove from Account. If the device is online, click Erase [device], then click Remove from Account.



  • Once the device is erased and removed, it will no longer be linked to your Apple ID and Activation Lock will be turned off.



Start a Support Request if You Need Help Removing Activation Lock




If you don't have your Apple ID and password or your device passcode, or if you bought a device that is still linked to someone else's Apple ID, you may need help from Apple Support to remove Activation Lock. To start a support request, you need to have proof of purchase documentation that shows that you are the owner of the device. To start a support request, you can follow these steps:




  • Select Lost or Stolen Device, then select Activation Lock.



  • Follow the instructions to submit your proof of purchase documentation and your contact information.



  • Wait for Apple to review your request and contact you with the next steps.



How an Exploit Can Bypass Activation Lock on iPads Running iOS 10.1.1




Activation Lock is supposed to be a strong security feature that protects your device from unauthorized access and use. However, a security researcher named Hemanth Joseph has discovered an exploit that can bypass Activation Lock on iPads running iOS 10.1.1, an older version of Apple's operating system. The exploit uses a buffer overflow technique that causes the device to freeze and glitch out when entering very long strings of characters in the Wi-Fi settings.


The exploit works by taking advantage of a bug in the Wi-Fi setup screen that allows the user to enter an arbitrary amount of characters in the name and password fields of a Wi-Fi network. By entering overlong strings of characters, the user can trigger a buffer overflow, which is a type of memory corruption error that occurs when a program tries to store more data than it can handle in a fixed-size memory location. This can cause the program to crash, behave unpredictably, or execute malicious code.


In this case, the buffer overflow causes the iPad to freeze and display a spinning wheel on the screen. However, by rotating the device, closing and opening its Smart Cover, and timing a press of the Home button, the user can access the Home screen for a split second and bypass Activation Lock entirely. This allows the user to use the device normally, without entering the Apple ID and password of the original owner.


The exploit was demonstrated by Hemanth Joseph in a video posted on YouTube. He also reported the bug to Apple through their bug bounty program. Apple has since fixed the bug in later versions of iOS and iPadOS, so the exploit no longer works on devices that are up to date.


How to Protect Your iPad from the Exploit and Other Threats




Update Your iPad to the Latest Version of iPadOS




One of the best ways to protect your iPad from the exploit and other threats is to update your iPad to the latest version of iPadOS, which is Apple's operating system designed specifically for iPads. Updating your iPad will ensure that you have the latest security patches, bug fixes, and features that Apple provides. To update your iPad wirelessly or using your computer, you can follow these steps:


  • On your iPad, go to Settings > General > Software Update. If there is an update available, tap Download and Install.



  • If you see a message that says "Your software is up to date", then you have the latest version of iPadOS and you don't need to update.



  • If you want to update your iPad using your computer, connect your iPad to your computer using a USB cable and open iTunes or Finder. Select your iPad from the sidebar and click Check for Update. If there is an update available, click Download and Update.



  • Wait for the update process to complete. Your iPad will restart and display the Hello screen.



Use the Built-in Privacy and Security Protections of iPad




Another way to protect your iPad from the exploit and other threats is to use the built-in privacy and security protections that iPad offers. These are some of the features that help you safeguard your data and privacy on your iPad:


  • Passcode: A passcode is a four-digit or six-digit code that you enter to unlock your iPad. You can also use a custom alphanumeric code for more security. A passcode prevents anyone else from accessing your iPad without your permission. To set up a passcode on your iPad, go to Settings > Face ID & Passcode or Touch ID & Passcode and tap Turn Passcode On.



  • Face ID or Touch ID: Face ID and Touch ID are biometric authentication methods that use your face or fingerprint to unlock your iPad, make purchases, and use apps. They are more convenient and secure than a passcode, as they are unique to you and can't be guessed or stolen. To set up Face ID or Touch ID on your iPad, go to Settings > Face ID & Passcode or Touch ID & Passcode and follow the instructions.



  • Find My: Find My is a feature that helps you locate, lock, and erase your iPad remotely if it's ever lost or stolen. It also enables Activation Lock, which prevents anyone else from using your iPad without your Apple ID and password. To turn on Find My on your iPad, go to Settings > [your name] > Find My > Find My [device] and turn it on.



  • Lockdown Mode: Lockdown Mode is a feature that disables Face ID, Touch ID, and USB accessories on your iPad when you press the power button five times quickly. This can prevent someone from forcing you to unlock your iPad with your face or finger, or from accessing your data through a USB connection. To enable Lockdown Mode on your iPad, go to Settings > Emergency SOS and turn on Call with Side Button.



Conclusion




In this article, we have explained what Activation Lock is and how it works, how to check and enable it on your device, how to remove it if you need to, how an exploit can bypass it on iPads running iOS 10.1.1, and how to protect your iPad from this exploit and other threats. We hope that you have learned something useful and that you will take the necessary steps to secure your device and data.


Activation Lock is a powerful feature that protects your device from unauthorized access and use if it's ever lost or stolen. It links your device to your Apple ID and password, so that even if someone erases your device or puts it in recovery mode, they won't be able to reactivate and use it without your permission. However, Activation Lock is not foolproof, as a security researcher has discovered an exploit that can bypass it on iPads running iOS 10.1.1 using a buffer overflow technique.


To prevent this exploit and other threats from compromising your device and data, you should update your iPad to the latest version of iPadOS, which fixes the bug and provides other security patches and features. You should also use the built-in privacy and security protections of iPad, such as passcode, Face ID or Touch ID, Find My, and Lockdown Mode. These features will help you safeguard your data and privacy on your iPad.


If you want to learn more about Activation Lock and other security topics, you can visit the following resources:


  • Apple Support: Activation Lock for iPhone, iPad, iPod touch, Apple Watch, and Mac



  • Apple Support: How to update your iPhone, iPad, or iPod touch



  • Apple Support: About privacy and security in Safari for iPhone, iPad, or iPod touch



  • Hemanth Joseph: Bypassing iOS 10.1.1 Activation Lock Screen using Buffer Overflow Vulnerability



FAQs




Here are some frequently asked questions and answers related to the topic of the article:


  • Q: How do I know what version of iOS or iPadOS my device is running?



  • A: You can check the version of your software by going to Settings > General > About and looking at the Software Version field. You can also see the version of your software by connecting your device to your computer and opening iTunes or Finder.



  • Q: What if I forget my Apple ID or password?



  • A: If you forget your Apple ID or password, you can use the iForgot website to reset them. You will need to provide your Apple ID, your recovery email address, or your phone number. You may also need to answer some security questions or enter a verification code that is sent to your trusted device or phone number.



  • Q: What if I don't have a Smart Cover for my iPad?



  • A: If you don't have a Smart Cover for your iPad, you can use any magnet that is strong enough to trigger the sleep/wake function of your iPad. You can test this by placing the magnet near the right edge of your iPad and seeing if it turns off the screen. However, be careful not to damage your iPad or other devices with the magnet.



  • Q: How do I report a bug or a security issue to Apple?



  • A: If you find a bug or a security issue in Apple's software or services, you can report it to Apple through their Feedback Assistant website or app. You will need to sign in with your Apple ID and provide as much information as possible about the issue, such as the steps to reproduce it, the expected and actual results, and any screenshots or logs that can help diagnose it.



  • Q: How do I join Apple's bug bounty program?



  • A: Apple's bug bounty program is an invitation-only program that rewards researchers who find and report security issues in Apple's software and services. To join the program, you need to have a proven track record of finding high-quality security issues and following responsible disclosure practices. You can also apply for an invitation by emailing product-security@apple.com with your name, affiliation, and a list of your previous security research.



dcd2dc6462


Info

Willkommen in der Gruppe zu unserer Aufführung "Huckleberry ...
Weiterlesen

Mitglieder

Alle Mitglieder anzeigen (7)
bottom of page