Apple needs to get a grip on lockscreen bypass bugs

Summary:Don't care about your data? Well, what about your employer's data, or that of your customers or clients? Can you afford to have the same lax attitude there? I hope not.

Image: ZDNet/CBS Interactive

With iOS 8 on the horizon Apple is hoping to get us to trust some of our most personal and private data – data about our health – to the iOS operating system, and yet the programmers at Cupertino can't seem to squash lockscreen related bugs that have been plaguing the platform for years.

The latest lockscreen bug to hit iOS users is one of the simplest to date. It's quick and easy to carry out, taking only a few seconds to pull off, and leaves no trace that the device was accessed. Thankfully, it only allows access to the last app open, but it's a throw of the dice as to whether whether what might be open is sensitive or not.

Now, you might say that once an "attacker" has access to the handset, then all bets are off as to what's possible. Then there are others amongst you who might dismiss this as moot because you don't have the control panel enabled for the lockscreen. Both points are, to a degree, valid, but the problem with lockscreen bugs is not only that there are just too many of them – almost every version of iOS for the past few years has suffered from this vulnerability in one form or another – or the threat they pose if the handset is lost of stolen, but the real problem is that they make casual snooping just too easy.

But in case you're still going to try to justify that these lockscreen bypasses aren't a problem, let me offer the following points. First, people pay Apple good money for iOS devices and deserve better than this, and secondly, Apple is asking us to trust more and more of our personal lives to its devices, and these lockscreen vulnerabilities are a serious breach of that trust.

Don't care about your data? Well, what about your employer's data, or that of your customers or clients? Can you afford to have the same lax attitude there?

I hope not.

This is also worrying because of other features that Apple are baking into iOS 8, such as allowing third-party keyboards to be used. Apple claims that these keyboards won't be able to snoop on what we type, but by that logic, the lockscreen is supposed to lock the handset, and yet it doesn't.

It's all a matter of trust. And trust is the easiest thing in the world to erode.

See also:

Topics: Mobility, Hardware, iOS, iPad, iPhone, Security

About

Adrian Kingsley-Hughes is an internationally published technology author who has devoted over a decade to helping users get the most from technology -- whether that be by learning to program, building a PC from a pile of parts, or helping them get the most from their new MP3 player or digital camera.Adrian has authored/co-authored technic... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.