Apple Delays Fixing iCloud

Some hacker took the advantage of Apple’s delays in fixing its iCloud security flaw. The iPhone-maker has been pushing its security tools enabling to switch off lost or stolen iPhones – Activation Lock was a fail-safe introduced in the latest iOS 7 to keep stolen Apple devices from being usable. The feature was supposed to keep the contents of locked devices unreadable and unable to be erased without knowing the user’s Apple ID and password.

However, vulnerability in Apple’s iCloud meant that intruders could get around Activation Lock with a free tool. Apparently, any security is just token and content can in fact be accessed. In other words, if you have lost your iOS devices, a hacker who is familiar with the problem is able to break into them despite the feature that is designed to protect them.

A hacker nicknamed AquaXetine took to Twitter a few days ago to announce that Apple was “soooooooo toooo late” to address the vulnerability. The hacker who did warn Apple of the security problem allegedly a few months ago cooperated with MerrukTechnolog to create a so-called “first iCloud Activation Bypass”. This is a kind of a “man-in-the-middle attack” that intercepts traffic passing between a device and Apple’s servers. The fix would require a new update issued by Apple to patch it, but that really depended on Apple being on the ball.

Apparently, for Apple to release a patch, it first has to experience an extensional crisis whenever it realizes that its software is not perfect. Only now the company has gotten around to ask the hacker to get in touch. AquaXetine has already released his bypass tool, called DoulCi, and the software remains available for anyone to unlock stolen iPhones. The company hasn’t provided any comments to AquaXetine’s statements thus far.