iOS 9 security flaw grants unrestricted access to Photos and Contacts
A video making the rounds this week claims to disclose an iOS 9 security flaw that bypasses a passcode protected lock screen to grant unhindered access to a device's stored photos and contacts.
The somewhat involved process was discovered by Jose Rodriguez, who also uncovered an obscure iOS 6.1.3 lock screen bypass two years ago.
As described in Rodriguez's proof-of-concept video the procedure takes advantage of an apparent bug related to Siri lock screen access and iOS 9's five-attempt lockout policy. Under a specific set of circumstances invoking Siri from an iPhone or iPad's lock screen grants limited system access.
Rodriguez confirmed to AppleInsider that he does not own the iPhone used in the demonstration, nor were his fingerprints registered with Touch ID. AppleInsider independently confirmed the bypass' validity in a series of tests. It should be noted that only devices protected by simple four- or six-digit passcodes are vulnerable to attack, while those with long alphanumeric passwords remain unaffected.
Apple has yet to address the bypass, though tests showed today's iOS 9.0.1 update and iOS 9.1 beta versions do not contain a fix.
In lieu of an permanent solution from Apple, concerned users can disable Siri lock screen access by navigating to Settings > Touch ID & Passcode, entering their current passcode and deactivating Siri under the "Allow access when locked" heading. Alternatively, the bypass can be thwarted by creating a custom alphanumeric passcode.
Unfortunately, iOS is no stranger to lock screen bypass bugs, as evidenced by iOS 7, iOS 6 and iOS 4.
The somewhat involved process was discovered by Jose Rodriguez, who also uncovered an obscure iOS 6.1.3 lock screen bypass two years ago.
As described in Rodriguez's proof-of-concept video the procedure takes advantage of an apparent bug related to Siri lock screen access and iOS 9's five-attempt lockout policy. Under a specific set of circumstances invoking Siri from an iPhone or iPad's lock screen grants limited system access.
Rodriguez confirmed to AppleInsider that he does not own the iPhone used in the demonstration, nor were his fingerprints registered with Touch ID. AppleInsider independently confirmed the bypass' validity in a series of tests. It should be noted that only devices protected by simple four- or six-digit passcodes are vulnerable to attack, while those with long alphanumeric passwords remain unaffected.
Apple has yet to address the bypass, though tests showed today's iOS 9.0.1 update and iOS 9.1 beta versions do not contain a fix.
In lieu of an permanent solution from Apple, concerned users can disable Siri lock screen access by navigating to Settings > Touch ID & Passcode, entering their current passcode and deactivating Siri under the "Allow access when locked" heading. Alternatively, the bypass can be thwarted by creating a custom alphanumeric passcode.
Unfortunately, iOS is no stranger to lock screen bypass bugs, as evidenced by iOS 7, iOS 6 and iOS 4.
Comments
Don't lose your phone.
* Not a "fix", merely a solution. ????
I'd erase my iPhone within minutes of being stolen
Quick - You're at the grocery store, your iPhone gets stolen - Go! ????
If I'm stealing your iPhone, I'm putting it in airplane mode within seconds. I'm pretty sure I can do that a lot quicker than you can find another device, log in, and initiate remote wipe.
If I'm stealing your iPhone, I'm putting it in airplane mode within seconds. I'm pretty sure I can do that a lot quicker than you can find another device, log in, and initiate remote wipe.
You can't even activate the stolen phone, so it will be a brick soon enough... But, you could lose a bit of private data.
That actually make sense! Freaking kids can break into anything
I disable the ability to invoke Control Center from the lockscreen on my stuff.
9.0.2 dropping in: 3... 2...
"I know it isn't true
I know it isn't true
Love is just a lie made to make you blue
Love hurts,
Ooo-oo love hurts
Ooo-oo, love hurts, ooo-oo"
NAZARETH
12 character passcode. No control center on lock screen. Find my iPhone on. Only what you can try to use it is a restore and that's not going to work. Plus I can still put it in lost mode which sources say prevents apple Care or the stores from doing a force release even if you could convince them it's your phone.
Sure I'll be out an iPhone but that's why it's covered by my renters insurance
I saw this video days before, and can't believe that this fake video can make appleinsider.
That video is from several days ago. There was a new update this morning. Is the issue still there?
They need to physical access to your phone, if that occur, you've already lost your phone.... And they can't really use it for anything. That's only a worry if the police or FBI get your phone ;-).