Apple has closed a security vulnerability that allowed the iPhone lock code to be known only through sensor data

Last year researchers found an security vulnerability in iOS that allowed them to know the security code for those devices by reading traffic sensor data only, so Apple later closed that gap with iOS 9.3.

The team stated that, in some cases, web applications do not need the power to read data from sensors inside smart devices, which poses a significant risk to protecting those devices. Opening a site containing a malicious application, opening another tab and entering bank account data is not desirable, because the first tab runs malicious software capable of reading data at the browser level.

In an explanation of the vulnerability, the researchers said it was exploited by running software written in JavaScript, then reading sensor data and passing it to a neuronal network that analyzes the motion and simulates the device to see the device’s lock code. According to the study, the software was able to know the password correctly from the first time by 70%, and by 100% after the fifth experience.

Google said it was aware of the loophole but had not closed it until now. At a time when Apple analyzed the reasons for its existence and closure after the receipt of the study.

McAfee released its Digital Threat report, announcing that macOS malware grew 744 percent in 2016, with more than 460,000 malicious threats to Apple computers.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s