Apple iOS 7 beta bug allows attackers to share private photos

Apple iOS 7 beta bug allows attackers to share private photos

Summary: A flaw in iOS 7 gives attackers the ability to quietly go through a user's camera roll to delete pictures or, worse, share them with others — even if the device uses a lock screen.

SHARE:

The lock screen in Apple's beta version of iOS 7 has already been circumvented, allowing an attacker to access certain content on the phone in a matter of seconds.

Spanish iPhone user Jose Rodriguez discovered the flaw, and informed Forbes on Wednesday. Rodriguez has uploaded a video of the process to YouTube, demonstrating that anyone has the ability to access the Calculator, Camera Roll, and Calendar applications, as well as delete photos and take screenshots.

Forbes was able to independently verify the bypass, but went further to state that anyone can "email, upload, or tweet the device's photos".

Apple's iOS 7 beta is currently only available to developers, so it is likely that early awareness of this oversight will assist in removing it from the final version of the operating system. However, lock screen bypasses have not been limited simply to beta software in the past.

Earlier this year, a lock screen bypass was found in iOS 6.1, and although that was quickly patched in iOS 6.1.3, yet another bypass was found.

The problem is not restricted to Apple, either. Samsung's TouchWiz software, which runs on top of Android, has its own flaws that allow attackers to bypass the lock screens on the Galaxy Note II and Galaxy S III.

Topics: Apple, iOS, Mobile OS, Mobility, Samsung, Security

Michael Lee

About Michael Lee

A Sydney, Australia-based journalist, Michael Lee covers a gamut of news in the technology space including information security, state Government initiatives, and local startups.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

10 comments
Log in or register to join the discussion
  • How the hell is this a story?

    It won't be released for at least 3 months! Geez. You H8RS need to get a clue!
    Never Use Microsoft Warez
    • not news...

      not news, plus it can already be blocked if you want.
      doh123
      • This is actually the least of it

        The os keeps freezing, crashing.

        Yesterday I had to hard reset the device three or for times due to a total os lock-up on my old 4s

        That's much bigger news than a lock screen by-pass... I had no way to bypass my lock. How dare apple force this on it's users... Oh, Yeah...

        It is funny though, it's like when I was testing customer previews windows 8 and everyone was freezing because you could only close apps through task manager - turns out Microsoft did not plan to release it. In that state.
        MarknWill
        • Did you ever take notice

          That this is an non-public, developer-only BETA release of iOS 7?
          It is not intended for any use on a device where you are not prepared to completely wipe it and restore back data, regularly.
          This software is intended for developers to test their own software on it.
          Are you an Apple developer?

          The final product might not even look the same.
          danbi
          • One day

            you might see his point, at least from a distance.
            Little Old Man
  • I Think

    Someone may have violated their Apple Developer NDA. I hope it was worth it, but being the cracking meister who went public with Beta lock screen problem doesn't seem like it.
    DannyO_0x98
  • I hope ...

    that he reported it to Apple Bug Reporter before going public to Forbes about it.
    Sikosis-TheRealOne
    • I think so

      I tried to do it on iPhone 4 2 times in a raw without any success. iOS disabled the iPhone for 2 minutes
      Maria Davidenko
  • Also

    I tried it on my iPhone 4 and it didn't work.
    Sikosis-TheRealOne
    • And...

      This only confirms the fact, that every system can be successfully hacked
      Maria Davidenko