Canadian tech consultant Ade Barkah has uncovered a security bug in iOS 5 that allows for someone to bypass an iPhone’s lock screen and view the device’s photo albums, even without knowing the passcode.
In iOS 5, there is a convenient button on the lock screen, which appears by double-tapping the home button, that allows for you to launch the camera application. Normally, Apple has a restriction that prohibits you from viewing any images on your iPhone’s camera roll while the device is locked, however, during his travels from Canada to Argentina, Barkah discovered that Apple’s restriction is merely based on the iPhone’s system time…
If the iPhone’s clock is ever rolled back, any picture with a time stamp greater than the iPhone’s system clock can now be viewed without a passcode. While it does not occur frequently, an iPhone’s clock could be rolled backwards as a result of a software glitch or by syncing with an erroneous source such as a computer with an incorrect time.
Apple is notorious for releasing time-related bugs, but is usually quick to release a software update to patch the issues. iPhone 4S and iPad 2 owners should be cautious before updating to any such software update, as Apple might patch the untethered jailbreak vulnerability that iOS hacker pod2g is currently working on for A5-equipped devices.