updated 03:01 pm EDT, Wed May 21, 2014
Could reopen market for stolen iPhones, iPads
Two hackers from the Netherlands and Morocco claim to have found a critical vulnerability allowing them to break iCloud and the Activation Lock feature on iOS devices. The project is said to have taken five months, during which time they analyzed the data flowing between iPhones and iCloud. By spoofing iPhones into thinking they're connecting to Apple servers when they're really connected to a separate computer, the hackers say they can trick a device into undoing Activation Lock.
The exact technique hasn't been made public, but one of the hackers is denying suggestions that it involves exploiting an SSL bug. The pair states that they tried to approach Apple about the vulnerability in March, but got no response, prompting them to go public. The two add they have already unlocked some 30,000 iPhones in the last few days.
Apple has touted Activation Lock as a core feature of iOS 7. It should, in theory, prevent a thief from using an iOS device even if they restore it, unless they can obtain a person's Apple ID. If the technology has been defeated, that could potentially revive the black market for stolen iOS hardware.