Hemanth Joseph from Kerala and Kunz Mejri from Vulnerability Lab are two researchers who have something in common – both found a way to bypass Apple’s secure Activation Lock in iOS 10.1 and 10.1.1 versions. Said feature allows users who have lost their iPhone or iPad to remotely lock their device and prevent anyone else from accessing it.
The issue was first reported in November by Joseph who detailed the exploit on his blog. It all started when his friend purchased an iPad Air from eBay that had Activation Lock enabled. This mode allows for the locked device to be connected to a Wi-Fi network.
Joseph took advantage of this feature to crash the iPad by flooding the WPA2-Enterprise username and password fields with long strings of random characters. The buffer overflow tactic was not enough to do the trick though.
![[Bug Bounty] Apple iOS v10.1.1 - iDevice Lock Activation Bypass via local Buffer Overflow](https://www.mobiletor.com/wp-content/cache/flying-press/yygvBJBFy4s-hqdefault.jpg)
The last step involved closing and opening iPad’s Smart Cover to gain access to the Home Screen. The glitch was reported to Apple in the first week of November. Considering that the bug has the potential to leave user information open to theft, Apple should have fixed it in its latest iOS 10.1.1 update. But that’s not the case.
As you can see from the video posted above, Mejri was able to do the same thing on an iPad running the latest version of iOS too. All he had to do was rotate the tablet’s display after performing the Smart Cover trick. But Apple’s security woes don’t end there. Just this month, researchers found a way to bypass the lock screen using Siri.
The vulnerability is shown to affect Apple devices running iOS 8 to iOS 10.2 beta 3. Check out the above video by EverythingApplePro and iDeviceHelp to find out more about it.