After all the controversy these days in which The FBI is trying to force Apple to decrypt data from an iPhone of some terrorists because the American federal agency would not be able to do this, a hacker demonstrated how fragile is the operating system iOS 9.2.1 device by Tim Cook.
In the video clip below you will see that a bug in iOS 9.2.1 allows someone to attempt a brute force attack against a passcode-protected iPhone without iOS blocking the terminal or deleting the data from it after entering 10 wrong codes.
Normally iOS 9.2.1 locks an iPhone for several minutes if the user does not enter the correct security code in several attempts to lock the terminal, but the bug demonstrated by the hacker shows that this protection measure can be bypassed to enter any codes until the correct one is found.
Using this vulnerability the FBI could perform a brute force attack to guess the security code of the iPhone they have without needing Apple's help, but of course they want more access simple at the terminals without getting complicated.
Version iOS 9.2.1 for which the vulnerability is demonstrated has been offered by the Apple company for several weeks, so we are not talking about the new build released last night, and if this hacker knows about his existence, surely others have known for some time, and now the whole internet knows about him.
Given that the San Bernadino attack took place in December 2015, the iPhone in the FBI's possession is most likely running a version of iOS 9 that is most likely vulnerable to this bug, so theoretically the FBI could use it.
Until another, the situation in which Apple finds itself is quite ironic, Tim Cook claiming that Apple protects users from bad people who try to steal their data, and iOS has vulnerabilities like the one above.
