Security News > 2022 > January > Apple Home software bug could lock you out of your iPhone
The bug affects the Home app, Apple's home automation software that lets you control home devices - webcams, doorbells, thermostats, light bulbs, and so on - that support Apple's HomeKit ecosystem.
Wiping your data is quick and reliable because Apple mobile devices always encrypt your data, even if you don't set a lock code of your own, using a randomly chosen passphrase kept in secure storage.
According to the description given by Spiniolas, the bug is triggered if Apple's Home app encounters a HomeKit device under its purview with an enormously long name, for example 90,000 characters or more.
If you deliberately rename one of the home devices in your HomeKit network so it has a name of about 100,000 characters or more, the Home app will apparently lock up when it subsequently tries to deal with the weirdly-named device, and ultimately crash.
According to Spiniolas, Apple recently patched the Home app to prevent you renaming devices to have absurdly long names.
If you save the data onto an encrypted removable drive, you can store it both offline and offsite, and in an emergency you'll have access to your iPhone data without needing a working Apple login or an Apple device.
News URL
Related news
- Apple fixes two new iOS zero-days exploited in attacks on iPhones (source)
- Apple's trademark tight lips extend to new iPhone, iPad zero-days (source)
- Apple: Mercenary spyware attacks target iPhone users in 92 countries (source)
- Apple Alerts iPhone Users in 92 Countries to Mercenary Spyware Attacks (source)