New Passcode Bypass Demonstrated in iOS 6.1.3


A new passcode bypass has been demonstrated in iOS 6.1.3, an update released to patch a previous passcode bypass hack discovered in February. A video posted to YouTube demonstrates a series of steps that gives a user access to your iPhone's phone, contacts, and photos even when the device is locked with a passcode.

The flaw was published by YouTube user "videosdebarraquito," the same user who discovered and demonstrated the previous exploit. Apple patched that flaw on Tuesday, but by Wednesday, videosdebarraquito had posted the new flaw.

When a call is initiated via voice dialing and the SIM card is popped out of the iPhone before the call actually takes place, the device pops up a warning about the SIM card and then shows the dialer screen.

From there, users can access the iPhone's contacts, including the ability to add a contact or edit existing contacts. Through the contact editing or creation process, it's also possible to view the iPhone's photo library.

Here's the video:

According to videosdebarraquito, you can protect yourself against this particular exploit by turning off the Voice dialing feature found under the Passcode section of your iPhone's General preferences, as shown in the screenshot below.

Passcode Preferences

Voice Dial Preferences

Note that "Voice Dialing" is only available when Siri is turned off.

[Via CNet]

The Mac Observer Spin

This is an interesting security area, and we hope that Apple is able to get ahead of exploits like these. There are worse things than having some schmuck gain access to your phone and contacts, but it's also possible that some people could find their devices (and accounts) used for expensive overseas calls or even to simply call $10 per hour 1.900 numbers. 

The last exploit took a month for Apple to fix, and we hope this one is quicker.

Bryan Chaffin

Bryan is the cofounder of The Mac Observer and currently serves as Afternoon Editor. He has contributed to MacAddict and MacFormat magazines, and coauthored Incredible iPad Apps for Dummies with Bob "Dr. Mac" LeVitus.

You can find out more about Bryan at his personal site, GeekTells, or follow him on Twitter @TMOBryan.


3 Comments

MrTonio

Maybe I just didn’t see it, but after multiple viewings, I still didn’t see where he showed that he was using 6.1.3.

geoduck

I wonder how the heck people find these. I mean starting to make a call via voice dialing and then ejecting the SIM isn’t the sort of thing you’d likely stumble onto. And the one before this was a ridiculous series of steps. I just find it amazing that people figure this out.

Lee Dronick

Meanwhile in Cupertino a teenage geek did this http://www.scpr.org/news/2011/12/08/30262/california-teen-wins-grand-prize-potential-cancer-/
