Hacker News new | past | comments | ask | show | jobs | submit login

It works. It's basically a software brute force that works great for 4 digit pins, takes longer for longer passcodes. Other offerings are a keylogger for the pin/passwords after they "return" the device to the suspect.



How would you install a keylogger on an encrypted device without rooting it or deleting user data?


I guess you could replace the screen with one that logs taps.


maybe you could sniff the data coming from the touchscreen with something you physically install into the phone.


> It's basically a software brute force that works great for 4 digit pins, takes longer for longer passcodes

Since the pin/password isn't actually the encryption key and is instead just the code that is provided to the security module/TPM on the device, I fail to see how this can be bruteforced. Unless there is also a magic hardware backdoor in Android phones, but in that case why would there need to be private companies and how would they even have access to this.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: