Shortcuts

iOS 7 Bug Leaves Lockscreen Vulnerable For Access

rated by 0 users
This post has 9 Replies | 0 Followers

Top 10 Contributor
Posts 26,368
Points 1,192,005
Joined: Sep 2007
ForumsAdministrator
News Posted: Thu, Sep 19 2013 5:50 PM

Hot on the heels of news that a crowdfunded competition aims to figure out if the fingerprint security implementation on Apple's iPhone 5s can be exploited comes news of a proven security risk, squarely involving iOS 7. The exploit specifically involves the lockscreen, the most common piece of security that stops some unauthorized individual from gaining access to anything important on your phone.

The "hack", if you want to call it that, is simple: Swipe up on the lockscreen to enter the control center, and then open the alarm clock. From there, hold the phone's sleep button to bring up a prompt that will ask you if you wish to shut down, but instead of doing that, hit the cancel option, and then tap the home button to access the phone's multi-tasking screen.

With access to this multi-tasking screen, anyone could try opening up what you've already had open on your phone. If you had Twitter open, for example, this person might be able to pick up where you left off and post on your behalf. Or, they could access the camera - and of course, every single photo stored on the phone. This is definitely what I'd consider a significant security risk.

Around the Web, there's proof that this exploit does in fact exist, with many users backing that up. However, there do seem to be limitations to what can be done once access is granted. Some apps still might not accessible, for example, and so far, there doesn't seem to be much rhyme or reason to what's accessible. What is a certainty though is the fact that Apple is sure to be rather quick in patching this bug up. I'm not sure I'd go as far as to call the bug "critical", but when someone can access your photos and Twitter with just a couple quick swipes and taps on the screen, it sure isn't minor.

  • | Post Points: 110
Not Ranked
Posts 1
Points 5
Joined: Jan 2012
DJohnson1 replied on Thu, Sep 19 2013 9:04 PM

So lets tell everyone how to do it. Smart.

  • | Post Points: 5
Not Ranked
Posts 10
Points 65
Joined: Dec 2011
JLeBoeuf replied on Thu, Sep 19 2013 9:24 PM

you mean a website who's sole purpose is to inform people about hardware, informed people about hardware? The madmen!

  • | Post Points: 20
Top 25 Contributor
Posts 3,626
Points 55,210
Joined: Jul 2004
Location: United States, Massachusetts
ForumsAdministrator
MembershipAdministrator
Dave_HH replied on Thu, Sep 19 2013 9:31 PM

Heh... JLB, too funny. DJ, relax. It's public information now and don't you think it's a good idea to make it known so Apple can close the hole?

Editor In Chief
http://hothardware.com


  • | Post Points: 5
Top 150 Contributor
Posts 625
Points 5,595
Joined: Sep 2012
Location: Canada
ForumsAdministrator
Moderator
RWilliams replied on Thu, Sep 19 2013 9:50 PM

It's good to reveal information like this so that users of these devices can be aware of them. I'd rather be aware of a major exploit that plagues the phone I bring everywhere rather than be oblivious to it.

Plus, as Dave says, this assures a quick patch-up on Apple's part.

  • | Post Points: 5
Top 100 Contributor
Posts 1,035
Points 9,630
Joined: Mar 2012
Location: LA, CA
sevags replied on Thu, Sep 19 2013 11:07 PM

I hate ios7 period! It's absolutely horrible I don't know what they were thinking did no one test this OS internally? Did no one stand up to the designer and say "hey you are making it cumbersome to use, oh and there is a lockscreen exploit"...

I love the iPhone for the software updates! I hate the iPhone for not allowing you to revert to previous versions!

  • | Post Points: 5
Top 100 Contributor
Posts 1,035
Points 9,630
Joined: Mar 2012
Location: LA, CA
sevags replied on Thu, Sep 19 2013 11:16 PM

Ok so I can verify that the exploit works on my ip5 however once it opens up the multitasking not only do the tiles not show previews of what I have open (including my photos) but it doesn't let me click and only ANY of the tiles except for the alarm which I already had access to from the lockscreen. The only harm I am seeing is someone can see what apps I was using last... It's still needs fixing but im not saying any way to do anything bad or get any info from this exploit?

  • | Post Points: 20
Top 150 Contributor
Posts 625
Points 5,595
Joined: Sep 2012
Location: Canada
ForumsAdministrator
Moderator
RWilliams replied on Thu, Sep 19 2013 11:50 PM

It's app-specific. I've read elsewhere that Twitter is accessible, as is the email client (and camera as mentioned in the post).

  • | Post Points: 5
Not Ranked
Posts 49
Points 395
Joined: Jun 2012

it is good complement for the touch id ..

  • | Post Points: 5
Top 100 Contributor
Posts 1,035
Points 9,630
Joined: Mar 2012
Location: LA, CA
sevags replied on Fri, Sep 20 2013 10:16 AM

RobW; ok so it does give you access to the camera app but not the opened my photos app but if the person had the camera open you can open it and go to all the photos from there... That is a very bad thing yes!!!!!! It doesn't give access to the mail client thank god, and luckily I don't use twitter.

I don't understand how users can find this exploit in a day but not apple after months of "testing"

  • | Post Points: 5
Page 1 of 1 (10 items) | RSS