XRY’s two-minute iPhone passcode exploit debunked
Late last month, we reported Swedish security firm Micro Systemation claimed its “XRY” application was capable of cracking an iOS device’s passcode, logging keystrokes, and accessing data like GPS, call logs, contacts, and messages. The video showing the app in action is now removed, but the firm’s claims are coming under scrutiny by at least one fellow hacker. Will Strafach, better known in the jailbreaking community as “@chronic,” just posted his summary of what is really happening with the software to clarify the issue.
While explaining XRY does not use exploits similar to jailbreak programs, as claimed by many covering the story, Strafach clarified the tool is “simply loading a custom ramdisk by utilizing the publicly available ‘limera1n’ exploit by George Hotz. The ramdisk is not even very special, because anyone could put together their own using open source tools.” He continued by explaining the “two-minute” claim of Micro Systemation is only true if a passcode is “0000.” The time increases when a more complex passcode is set.
Chronic also noted XRY cannot be used on iPhone 4S, iPad 2, and third-gen iPads, something most publications are not reporting. Here is his explanation: