We all know that when a new OS release comes out, it's probably a good idea to update iPhones and iPads. If you're a little behind, though, and specifically if you haven't upgraded to 8.1.1, your iPhone or iPad is vulnerable to the kind of brute-force hack described here. If you have an older device and are unable to upgrade, your device remains vulnerable.
“It’s always been known that having a 4-digit PIN on your phone is inherently insecure; however, the ‘erase data after 10 invalid attempts’ configuration setting was seen as somewhat of a mitigation in many circles,” said Dominic Chell, director at MDSec. “We believe that the device is able to evade this constraint by aggressively powering off the iPhone after each PIN entry attempt is made, but before the failure has been committed to flash memory – it does this by directly powering the iPhone itself.”
Being aware of this kind of vulnerability is the first step, but insisting on a higher level of security for access to our devices is the next one. As we do more and more on our devices, it is increasingly necessary to understand the security threats that can compromise them, and search for ways to mitigate the risk.
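
The ordering problem in Chell's description can be modeled as a small state machine. This is an added example, not code from MDSec or Apple: the `PinLock` class, the `commit_first` switch and the sample PIN are constructed for illustration, and writing the counter before evaluating the guess is shown as one general mitigation, not as the change shipped in 8.1.1.

```python
from itertools import product

LIMIT = 10  # "erase data after 10 invalid attempts"

class PinLock:
    """Constructed toy model: only `failures` survives a power loss."""

    def __init__(self, pin, commit_first):
        self.pin = pin
        self.commit_first = commit_first  # hypothetical design switch
        self.failures = 0                 # stands in for the counter in flash
        self.wiped = False

    def attempt(self, guess, power_cut):
        # Boot-time enforcement: act on whatever count actually reached flash.
        if self.wiped or self.failures >= LIMIT:
            self.wiped = True
            return "wiped"
        if self.commit_first:
            self.failures += 1            # durable before the guess is evaluated
        if guess == self.pin:
            self.failures = 0             # success clears the counter
            return "unlocked"
        # The result is observable here; a power loss skips the write below.
        if not self.commit_first and not power_cut:
            self.failures += 1            # late commit: the window in the quote
        return "wrong"

def run(commit_first, power_cut, pin="7351"):
    """Feed PINs in ascending order; return (final state, guesses evaluated)."""
    lock = PinLock(pin, commit_first)
    evaluated = 0
    for digits in product("0123456789", repeat=4):
        state = lock.attempt("".join(digits), power_cut)
        if state == "wiped":
            return state, evaluated
        evaluated += 1
        if state == "unlocked":
            return state, evaluated
    return "exhausted", evaluated

if __name__ == "__main__":
    for commit_first in (False, True):
        for power_cut in (False, True):
            print(f"commit_first={commit_first} power_cut={power_cut}:",
                  run(commit_first, power_cut))
```

With the late commit, cutting power after every wrong guess means the erase limit never triggers; with the counter written first, the limit holds at 10 regardless of power loss.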