So what’s up with Apple and the iPhone’s Lock screen? I mean, the various Lock screen vulnerabilities have persisted in iOS since the first passcode flaw was discovered in iOS 2.0 – and that was way back in July of 2008. And now, in addition to a simple passcode bypass trick a YouTube user detailed on Valentine’s Day, another method of circumventing the Lock screen passcode has been discovered and highlighted in a video above…
Antivirus maker Kaspersky wrote in a threat post:
Similar to the iPhone’s passcode vulnerability, the exploit involves manipulating the phone’s screenshot function, its emergency call function and its power button.
Users can make an emergency call (911 for example) on the phone and then cancel it while toggling the power on and off to get temporary access to the phone.
Jacqui Cheng of Ars Technica explains the exploit, which was discovered and detailed on February 18 by Vulnerability Lab CEO Benjamin Kunz Mejri:
The difference between the first exploit and this one is how it can make the iPhone screen go black, allowing an attacker to plug the device into a computer via USB and access the user’s data without having their PIN or passcode credentials.
And like the first exploit, this one lets a malicious user bypass a passcode on the Lock screen and gain access to your messages, phone calls, contacts and other private data.
You can reproduce the glitch using the following steps:
• make sure a passcode is activated in Settings and then lock your device by pressing the Sleep/Wake button
• hit the Sleep/Wake button again to wake up the device
• slide to unlock
• tap the Emergency Call button on a virtual keypad
• dial 911, 110, 112 or any other emergency call number from a public listing and immediately hang up the call
• hit the Sleep/Wake button to send the device to sleep, then wake it up and slide to unlock
• hold the Sleep/Wake button pressed for three seconds and then just before the ‘slide to power off’ prompt appears tap the Emergency Call button
As long as you keep holding the Sleep/Wake button, you will gain access to your contacts, call list, apps and more. Bear in mind that as a result of this vulnerability, an attacker can also plug your device into a computer via USB in order to gain access to even more data without knowing your passcode.
Kaspersky’s security advisory notes that connecting a compromised device to a computer via a USB cord exposes not only the user’s photos, contacts and other PIM data because more “will be available directly from the device hard drive without the pin to access.”
Truth be told, this is getting ridiculous – Apple’s gotta do something about these Lock screen flaws.
We kinda hoped the iOS 6.1.2 firmware would squash these bugs, but that wasn’t the case as iOS 6.1.2 only delivered a fix for the Exchange bug that was affecting battery life. By the way, ad tracking firm Chitika today reported that less than a week after it became available for download, iOS 6.1.2 is now the most popular version.
“Apple takes user security very seriously,” a spokeswoman for Apple recently said. “We are aware of this issue, and will deliver a fix in a future software update.”
Four days ago, iOS 6.1.3 Beta 2 was seeded to Apple’s registered developers. In the release notes, Apple mentions that iOS 6.1.3 will also fix the Lock screen bug.