The exact circumstances around the search are not known. But activist Samuel Tunick is charged with deleting data from a Google Pixel before CBP’s Tactical Terrorism Response Team could search it.
Curious, how does that work? 10000 possibilities aren’t many but you get 30s break every 3 failed attempts then 5 more then its every single failed attempts so that’d be ~5000minutes so that’s about 3 days. Assuming they get “lucky” it’s about 1.5 day. I don’t know though what happens after 20 failed attempts, maybe it’s 1min break or 20min break.
Basically, does PIN bruteforcing actually work and if so on what timeframe?
I think Apple has fixed this, but they would remove the battery, hook it up to external power. When unlocking, there was a pause/dimming on the phone to show it was wrong, and the computer hacking it would kill the power before the phone wrote that there was a bogus attempt, so you got infinite attempts.
I don’t think infinite attempts is the issue, I think the timing of those attempts is what practically limit the usefulness of the attack. Here in the Apple example I imagine rebooting the phone takes longer than 30s. Also if one goes to the length of removing the battery of an iPhone to crack it, this is a pretty serious attempt. One better have proper protections in place.
Curious, how does that work? 10000 possibilities aren’t many but you get 30s break every 3 failed attempts then 5 more then its every single failed attempts so that’d be ~5000minutes so that’s about 3 days. Assuming they get “lucky” it’s about 1.5 day. I don’t know though what happens after 20 failed attempts, maybe it’s 1min break or 20min break.
Basically, does PIN bruteforcing actually work and if so on what timeframe?
I think Apple has fixed this, but they would remove the battery, hook it up to external power. When unlocking, there was a pause/dimming on the phone to show it was wrong, and the computer hacking it would kill the power before the phone wrote that there was a bogus attempt, so you got infinite attempts.
I don’t think infinite attempts is the issue, I think the timing of those attempts is what practically limit the usefulness of the attack. Here in the Apple example I imagine rebooting the phone takes longer than 30s. Also if one goes to the length of removing the battery of an iPhone to crack it, this is a pretty serious attempt. One better have proper protections in place.