iOS 7 passcode bypass flaw grants access to photos, e-mail, more

By on September 19, 2013, 9:46 PM

A vulnerability in Apple’s new mobile operating system allows anyone to bypass the lockscreen on an iPhone or iPad and gain access to a user’s photos, e-mails, text messages, Facebook, Twitter and more. Apple said they are aware of the security flaw and are working to deliver a fix in a future iOS update.

The hack is a bit tricky to pull off but anyone should be able to do it with a little practice. Starting at the lockscreen, swipe up to access the new control center in iOS 7. Once in, open the clock app then hold down the power button which will bring up the shut down screen. Instead of shutting down, tap cancel then quickly press the home button twice.

If successful, you’ll be dropped into the iOS multitasking screen where a number of apps will be at your disposal. The hack has been independently confirmed to work on an iPhone 5 as well as an iPhone 4S.

It’s unclear exactly how long it might take for Apple to patch the flaw but in the meantime, you can disable control center access from the lock screen. To do so, simply tap Settings then go to Control Center and disable Access on Lock Screen.

The vulnerability was discovered by Jose Rodriguez, the same person that found a similar lock screen bypass method in iOS 6 earlier this year. When Apple patched that vulnerability, he found another method within an hour of downloading the update.

User Comments: 13

Got something to say? Post a comment
m4a4 m4a4 said:

Certainly doesn't help apples sloppy security record...

dennis777 dennis777 said:

Kudos to the one who have find the security flaw.. who would have taught.

1 person liked this | fredderf81 said:

Ugh...look at that screen!!! it look just like android! and if they can't secure something as easy as a passcode what makes anyone think I want a record of my FINGERPRINT on their phone?!?!

PC nerd PC nerd said:

I'm not surprised. Crapple have a bad history with user security.

Guest said:

"Apple said they are aware of the security flaw"

....holy mother, pigs do fly! Did they actually admit something?

Guest said: who cr4p on Microsoft. Apple sux far worse at everything except consume hypnosis.

RenGood08 RenGood08 said:

Wow...tried it and I could do it. Nice...just hacked my own cellphone...

Guest said:

I managed to do it, but then what? u can see tha apps that are running, but cannot click on them or even see anything on the display above the app icon in that mode.

So where is the security issue? (except that u can see what apps the phone is running)???

Guest said:

Same here, you can see the other apps, but you can't click into them. All the security flaw seems to be is what apps he's running, can't really do much else. Am I missing something or is this article a bit misleading?

Guest said:

I ran into the same issue. I am using a iphone 4 but was able to get into the camera app. From there you can view or delete all the videos and pictures. As well you can email the pictures out from the email client on the phone. While emailing you can delete the image attached to the email letting you send an email from that person to anyone. Also from that screen you can view all the users contacts and email addresses. But other than that I was unable to do anything other than that.

hahahanoobs hahahanoobs said:


Read the first paragraph, and click on the the source link.

You're welcome.

tonylukac said:

Reminds me of when att came out with ess 1a payphones. Ess stands for electronic switching system, all previous phone switches used mechanical relays, not a computer. If you placed a toll call and the operator came on to request additional money, if you pressed the switchhook for exactly 1/2 second and picked it up, the call would go thru.

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.