Anyone Can Bypass iPhone Passcode And Access Photos and Messages With iOS Flaw

iOS Flaw Allows You To Use Siri To Bypass Phone Lock Passcode

Do you own an iPhone? If yes, then you may want to be careful. A newly discovered security flaw in iOS allows attackers bypass an iPhoneโ€™s lock screen using a Siri search and access the userโ€™s messages and private photos, even if you are using configured Touch ID or not.

EverythinApplePro and iDeviceHelps who discovered the flaw say that the bug uses Siri to break into the device. The same flaw also exists on iOS 8 and newer, including 10.2 beta 3. Well, this flaw isnโ€™t exactly a new discovery since similar flaws have been discovered in previous versions of iOS. However, Apple is usually quick to fix them by way of an over-the-air (OTA) firmware update.

You can reproduce the bug using the steps mentioned below:

1. Firstly, find out the phone number of the victimโ€™s iPhone. If you are unable to do so, just ask Siri โ€œWho am I?โ€ (Note: This involves having access to the iPhone you want to break into).

2. Call the victimโ€™s phone using the phone number obtained from Siri above. You can also start a FaceTime call.

3. Then, click Message and then Custom Message to go to the New Message screen when you are allowed to type a reply.

4. Once done, activate Siri using the Home button and say โ€œTurn on Voice Over.โ€ You will hear a confirmation message saying โ€œOK, I turned on VoiceOverโ€ and then go back to the message screen.

Note: You may have to try several times to succeed in the next step. So, double tap the bar where you input the callerโ€™s name and then hold, while immediately clicking on the keyboard. Keep repeating it several times until you see a slide-in effect on the screen above the keyboard. You can then ask Siri to โ€œTurn off VoiceOver.โ€

5. Then, in the top bar, type in the first letter of a contactโ€™s name, and tap the circular โ€œiโ€ icon next to the name, and create a new contact.

6. Choose add photo, select photo, and youโ€™re in. Although the iPhone is in the locked state, you will still be able to see the gallery just like you would browse the phone. You can also select any contact and read messages and see all previous conversations with that contact.

How to protect against the bug

While Apple is very likely to patch the bug in the next beta, in the meanwhile, you can stay safe by disabling Siri on the lock screen. All you need to do is go to Siri > Access on Lock Screen and toggle the switch to disable. It is likely that the complete version of iOS 10.2 will include a patch against this flaw.

Source: Softpedia

Kavita Iyer
Kavita Iyerhttps://www.techworm.net
An individual, optimist, homemaker, foodie, a die hard cricket fan and most importantly one who believes in Being Human!!!
spot_img

Read More

Suggested Post