iOS flaw allows anyone to Bypass iPhone passcode and access photos and messages

Apple logoA new security flaw discovered in iOS allows pretty much anyone with access to your phone to bypass the passcode protection (it doesnt even matter if you configured Touch ID or not) and look at your photos or read the existing messages.

Discovered by EverythingApplePro and iDeviceHelps, this glitch uses Siri to break into the device, and all it takes is a few simple steps. Whats more important to know is that the same flaw exists on iOS 8 and newer, including 10.2 beta 3, but Apple is very likely to patch it in the next beta now that it has gone public.

 

First and foremost, what you need to do is to find out the phone number of the victims iPhone, and in case you dont know it just yet, simply ask Siri Who am I? As mentioned, this involves having access to the iPhone you want to break into.

The next step comes down to calling the victims phone using the phone number previously obtained from Siri - you can also start a FaceTime call, that will do it too. Click Message and then Custom Message to proceed to the New Message screen when you are allowed to type a reply.

Next, activate Siri using the Home button and say Turn on Voice Over. Youll hear a confirmation message saying OK, I turned on VoiceOver and then go back to the message screen.

The next step might not succeed from the first attempt, so you may have to try several times: double tap the bar where you input the callers name and then hold, while immediately click on the keyboard. Repeat as many times as needed until you see a slide-in effect on the screen above the keyboard. You can then ask Siri to Turn off VoiceOver.

Next, simply type in the first letter of a contacts name in the top bar, tap the circular i icon next to the name, and then create a new contact. Select add photo, choose photo, and youre in. You should be able to see the gallery just like youd browse the phone, even though the iPhone is still in the locked state.

Reading messages is possible by simply selecting any contact, and you should be able to see all previous conversations with that contact.

Until Apple fixes this bug, the easiest way to stay safe is to disable Siri on the lock screen. To do this, launch Settings and go to Siri > Access on Lock Screen and toggle the switch to disable.

Apple is most likely aware of the bug already, so expect a fix to be provided in the coming days. The full version of iOS 10.2 will most certainly include a patch against this flaw.

Source: Softpedia

Tags: Apple, break, iOS, OSes

Comments
Add comment

Your name:
Sign in with:
or
Your comment:


Enter code:

E-mail (not required)
E-mail will not be disclosed to the third party


Last news

 
Google has finally added support for FLAC playback within the browser
 
At issue is the way app behaves when an end user's encryption key changes
 
The phone will compete against Google Pixel and iPhones
 
Opera has always been trying to diversify the browser market
 
It will be priced $299.99 in the United States
 
Enter your destination, browse rates, request a ride, and payall through Google Maps
 
The Xbox One Guide is also seeing improvements
 
Google Play alerts developers about the launch
Samsung Galaxy TabPro S - a tablet with the Windows-keyboard
The first Windows-tablet with the 12-inch display Super AMOLED
June 7, 2016 /
Keyboards for iOS
Ten iOS keyboards review
July 18, 2015 /
Samsung E1200 Mobile Phone Review
A cheap phone with a good screen
March 8, 2015 / 4
Creative Sound Blaster Z sound card review
Good sound for those who are not satisfied with the onboard solution
September 25, 2014 / 2
Samsung Galaxy Gear: Smartwatch at High Price
The first smartwatch from Samsung - almost a smartphone with a small body
December 19, 2013 /
HP Slate 7 is a 7-inch Android 4 Tablet PC with good sound
A cost-effective, 7-inch tablet PC from a renowned manufacturer
October 25, 2013 / 4
 
 

News Archive

 
 
SuMoTuWeThFrSa
1234567
891011121314
15161718192021
22232425262728
293031    




Poll

Do you use microSD card with your phone?
or leave your own version in comments