iOS 9 security blooper lets you BYPASS PINs, eye up photos, contacts
Simple sequence opens up iPhones, iPads even if they have a passcode set
Vid A security flaw in iOS 9 allows anyone who has a locked Apple iThing in their hand to view its contacts and photos without having to enter a passcode.
A chap called Jose Rodriguez has posted a YouTube video demonstrating the design blunder, which exploits Siri to access information on the handset from the PIN unlock screen.
In the video, Rodriguez enters an incorrect password multiple times, then asks Siri for the time. When the voice-controlled assistant displays the time, you're able to use the Search and Share functions on the iOS clock feature. This, in turn, lets you pull up the iGadget owner's contacts, messages, and photos via the Share screen, all without the need to enter a correct PIN.
On iOS 9, enter bad PIN four times. On the fifth try, enter 3 digits (iOS locks for a minute after 5) then hold down the home button. Profit— Matt 'Mookie' Thayer (@presentservices) September 23, 2015
The vulnerability cannot be exploited to completely unlock the owner's iPhone, iPad or iPod Touch, but potentially sensitive information such as personal photos and the contact information of friends and family can be viewed.
We have been able to pull off the above trick to root around as described in an iOS 9-powered iPhone.
Rodriguez recommends disabling Siri on the lock screen in order to prevent the voice-activation flaw from being exposed. Apple did not respond to a request for comment on the video.
This isn't the first time a loophole in iOS has allowed the unlock screen to be foiled. In 2013, a similar bypass allowed a user to potentially bypass the unlock screen to view contacts, send messages, and place calls without owner permission. ®
- Apple M1
- App stores
- Black Hat
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Identity Theft
- Kenna Security
- Palo Alto Networks
- Tim Cook
- Trusted Platform Module
- Zero trust