Apple iOS 6.1.3 fix contains another lock screen bypass flaw

Apple iOS 6.1.3 fix contains another lock screen bypass flaw

Summary: The latest Apple iOS software fix, designed to fix a nasty bug in which unauthorized users could bypass the lock screen and access user data, contains yet another major flaw.

SHARE:
29
App_iphone5wood

Only two days after Apple released a lock screen fix that allowed unauthorized users to bypass the four-digit PIN code on iPhones and iPads, a new password bypass vulnerability has been discovered.

YouTube user videosdebarraquito was able to bypass the lock screen on an iPhone 4 using nothing more than a paperclip. By locking the device and enabling the Voice Control feature, it is possible to circumvent the lock screen by ejecting the SIM card from its tray at the moment the device starts dialing.

From here, the phone application remains open, allowing access to recent call logs, contacts, and voicemail (if it isn't protected by a separate PIN code). But also from here, photos and video can also be accessed by creating a new contact. When a new contact is created, it opens up access to the photos application — including Camera Roll and Photo Stream. 

As soon as the screen turns off, the device locks again, but this can be bypassed with the SIM card tray removal trick. 

At ZDNet HQ in New York, we were able to reproduce this bug on an iPhone 4. It also appears this affects iPhone 4S and iPhone 5 users (German) with Siri disabled, as this re-enables Voice Control. 

Upon close examination of the screen recording we took, it appears that when Voice Control is used, it loads up the phone application in the background, which as it begins to call immediately it places this in 'background' mode. When the call begins, for a split-second the phone application displays as it transitions away, only to be replaced by the lock screen once the call is ended.

Removing the SIM card seems to 'confuse' the device, resulting in a pop-up display warning that the SIM card has been removed. This stalls the transition and keeps it in active play.

For now, disabling the feature on devices running iOS 6.1.3 appears to fix this bug. 

In Settings, tap General, then Passcode Lock. From here, disable Voice Dial on older versions of iPhones, or enable Siri (as this replaces Voice Control) if you have an iPhone 4S or older. 

We've put in a request for comment to Apple but did not immediately hear back at the time of writing. 

Topics: Security, Apple, iOS, iPhone, iPad, Privacy

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

29 comments
Log in or register to join the discussion
  • I just knew Siri was good for something!

    Interesting hack, Zack. You might just make a living reporting these types of lock screen exploits.
    kenosha77a
    • Has it really come to this, Zack?

      I truly enjoyed your college blog years. Thought provoking insights on numerous topics. Now, faithful ZDNet readers get these type of blogs from you. Although, "You can't go home again", as Tom Wolfe once remarked, there is no law against revisiting one's college neighborhood once and awhile for needed inspiration.
      kenosha77a
  • Moral of the story

    Apple and Google mobile OS are insecure.

    Time to switch.

    Get a Windows Phone from Nokia/HTC, super secure, fast, ultra modern UI and full offline maps and extremely affordable.

    Don't buy Crapple and Samdung phones, you may often see them on TV but don't fall for it.
    Owlll1net
    • Heres what you fanbois of all OS's dont get..

      As long as humans program software, there will be bugs in ALL platforms.
      EVHGameOvR
      • But the Apple Empire...

        ...on a large part is built on the myth of infallibility. It's no surprise Apple won't comment on it...they like to pretend such issues don't exist, or dismiss the problem with something like "you're hacking it wrong."
        jvitous
        • No, it isn't, even though

          Various trolls desperately claim it is. Apple is built in the idea of better, not perfect.
          baggins_z
    • Yeah . . .

      . . . because Windows has never had a security problem /sarcasm
      Wakemewhentrollsgone
      • Good answer

        And here is the best answer to anyone who suggests that all Windows users should switch to os x / Linux:

        "Yeah... because os x / Linux has never had a security problem /sarcasm"

        Thanks Restricted_access, you've just blown away years of apple and Linux fanboy rhetoric.
        toddbottom3
        • You'll have to explain that one, TB

          Your saying that, because Restricted_access implies through sarcasm that Windows has had security problems, that means that anybody who has in the past stated that OSX or Linux is more secure has been suddenly made wrong?

          Man, I sure pity anyone who hires you in the IT world, if that's the way you parse logical constructs.
          And yes, sarcasm aside, OSX and Linux are both inherently more secure than Windows.

          By the way, how long have you been singing backup for OwlNot, whose reasoning skills are approached only by Lovey?
          radleym
    • Do some research

      Starting with,
      http://www.itworld.com/answers/topic/mobile-wireless/question/windows-phone-mango-ready-corporate-use

      But WP8 is not secure, either. I bet there are charts somewhere that show WP8 being behind the others for encryption and other issues as well...

      Blackberry has the record on security, but BYOD means higher profit as cost is delegated to the already-cash-strapped worker, who now is angry at buying a $300 device that he cannot afford (but has to in order to remain employable, so what would anyone do given that choice - debt or starving to death?)...
      HypnoToad72
      • Actually not...

        "I bet there are charts somewhere that show WP8 being behind the others for encryption and other issues as well..."

        Please give us the links!
        As the encryption in Windows Phone 8 builds on Bitlocker technology which has survived without compromise since Vista launched (7 years ago), I am quite sure you will find no problems there...
        brhorv
    • Blackberry is most secure

      Windows is right there with them, if security is a real issue get a blackberry, that's why enterprise uses them.
      new gawker
    • Security through Obscurity ?

      Windows phones may appear more secure only because they have such a small percentage of the market, and not as many people are pounding away at them looking for vulnerabilities.

      Given Microsoft's record with security issues, I wouldn't be surprised to see the vulnerabilities of Windows Phone grow as(if) market share increases.
      SkiddMarxx
  • Poor Apple

    that their popular device is suffering as Microsoft desktop OS. Too bad this kind of thing does not get to the average Apple user and only among us tech savvy people.
    lares3k
    • Re: Poor Apple

      @lares3k

      Yes, it is shocking. It is as if these extremely serious flaws just don't affect the average Apple user. They are acknowledged by Apple and they're reported on in the tech news all the time. Yet, strangely, it seems to be only the tech savvy non-Apple users who are the most affected.
      Cryptnotic
  • People actually spend so much time looking for a hack like this?

    Making a call while pulling out the SIM? How much time was spent getting to that point?
    William Farrel
    • I was wondering the same

      Somebody spent a lot of time looking for this "hack".

      Yes it is an apparent exploitable bug .... but if somebody has physical access to your phone (what ever brand) and enough time to actually start playing around with the SIM card, you have a much bigger problem.
      wackoae
      • Yeah,

        You lost your phone.
        benched42
    • As much time as commenting on the article...

      You attempt to make a smarmy comment about an exploit that was found, implying the hacker should have something better to do with his time... You hypocrite, what time do you invest in commenting? Whether the exploit was found by accident or with a team of 1000's toiling for weeks, the exploit needs to be patched (as it will be) and the phone made , more secure. The fellow pointed out an interesting, if inane, "hack". Your smart mouth comment just shows what an isheep you are... The author never claimed one OS to be more secure than another...
      1bmwdrvr1
      • I think his point is the effectiveness

        I think what he was trying to say is that it seems like a lot of time and effort for an exploit that seems to involve a severe edge case.
        Third of Five