Late last month we reported that Swedish security firm Micro Systemation claimed its XRY application was capable of cracking an iOS device’s passcode, logging keystrokes, and accessing data like GPS, call logs, contacts, and messages. The video showing the app in action has since been removed, but the firm’s claims are coming under scrutiny by at least one fellow hacker. Will Strafach, better known in the jailbreaking community as @chronic, just posted his summary of what’s really happening with the software in order to clarify the issue.
While explaining that XRY does not use exploits similar to jailbreak programs as claimed by many covering the story, Strafach clarified that the tool is “simply loading a custom ramdisk by utilizing the publicly available ‘limera1n’ exploit by George Hotz. The ramdisk isn’t even very special, because anyone could put together their own using open source tools.” He continued by explaining that Micro Systemation’s “two minute” claim is only true if your passcode is set to 0000. The time increases when a more complex passcode is set.
Chronic noted XRY cannot be used on iPhone 4S, iPad 2, and third-gen iPads, something most publications are not reporting. Here’s his explanation:
Due to the not-so-technically-informed reporters writing about the XRY software, this fact has been overlooked. Personally, I think it’s a pretty important fact. The simplest way to “thwart” the use of this software on your phone would be to get the latest model, because (as people who are familiar with jailbreaking know) the limera1n exploit is fixed in the bootrom of the A5 (iPad 2 and iPhone 4S) as well as the A5X (iPad 3) chip.