iOS 7 passcode bypass flaw grants access to photos, e-mail, more

[Shawn Knight]

A vulnerability in Apple’s new mobile operating system allows anyone to bypass the lockscreen on an iPhone or iPad and gain access to a user’s photos, e-mails, text messages, Facebook, Twitter and more. Apple said they are aware of the security flaw and are working to deliver a fix in a future iOS update.

The hack is a bit tricky to pull off but anyone should be able to do it with a little practice. Starting at the lockscreen, swipe up to access the new control center in iOS 7. Once in, open the clock app then hold down the power button which will bring up the shut down screen. Instead of shutting down, tap cancel then quickly press the home button twice.

If successful, you’ll be dropped into the iOS multitasking screen where a number of apps will be at your disposal. The hack has been independently confirmed to work on an iPhone 5 as well as an iPhone 4S.

It’s unclear exactly how long it might take for Apple to patch the flaw but in the meantime, you can disable control center access from the lock screen. To do so, simply tap Settings then go to Control Center and disable Access on Lock Screen.

The vulnerability was discovered by Jose Rodriguez, the same person that found a similar lock screen bypass method in iOS 6 earlier this year. When Apple patched that vulnerability, he found another method within an hour of downloading the update.

Permalink to story.

https://www.techspot.com/news/54071-ios-7-passcode-bypass-flaw-grants-access-to-photos-e-mail-more.html

 

[m4a4]

Certainly doesn't help apples sloppy security record...

 

[dennis777]

Kudos to the one who have find the security flaw.. who would have taught.

 

[fredderf81]

Ugh...look at that screen!!! it look just like android! and if they can't secure something as easy as a passcode what makes anyone think I want a record of my FINGERPRINT on their phone?!?!

 

[PC nerd]

I'm not surprised. Crapple have a bad history with user security.

 

[Guest]

"Apple said they are aware of the security flaw"

....holy mother, pigs do fly! Did they actually admit something?

 

[Guest]

....lol@fanbois who cr4p on Microsoft. Apple sux far worse at everything except consume hypnosis.

 

[grvalderrama]

Great job, Apple!

 

[RenGood08]

Wow...tried it and I could do it. Nice...just hacked my own cellphone...

 

[Guest]

I managed to do it, but then what? u can see tha apps that are running, but cannot click on them or even see anything on the display above the app icon in that mode.
So where is the security issue? (except that u can see what apps the phone is running)???

 

[Guest]

Same here, you can see the other apps, but you can't click into them. All the security flaw seems to be is what apps he's running, can't really do much else. Am I missing something or is this article a bit misleading?

 

[Guest]

I ran into the same issue. I am using a iphone 4 but was able to get into the camera app. From there you can view or delete all the videos and pictures. As well you can email the pictures out from the email client on the phone. While emailing you can delete the image attached to the email letting you send an email from that person to anyone. Also from that screen you can view all the users contacts and email addresses. But other than that I was unable to do anything other than that.

 

[hahahanoobs]

^Guests:
Read the first paragraph, and click on the the source link.
You're welcome.

 

[tonylukac]

Reminds me of when att came out with ess 1a payphones. Ess stands for electronic switching system, all previous phone switches used mechanical relays, not a computer. If you placed a toll call and the operator came on to request additional money, if you pressed the switchhook for exactly 1/2 second and picked it up, the call would go thru.