Summary: A new flaw allows any hands-on hacker to access iPhones and iPads where the user previously left off, including email, settings, and other apps.
Apple users have been left with yet another lock-screen flaw, which can allow anyone with physical access to an iPhone or iPad running the latest iOS 7 software to access the device where the owner previously left off.
The bug, which was first discovered on YouTube, is relatively simple to replicate.
Once a missed notification is received, flip up the Control Center and enable Airplane Mode. This disables any data in or out of the device. Then, swipe down on the Notification Center and tap the missed call. The device will unlock, prompting you to turn on the radio functions.
However, the caveat is that it only displays the app that was last open on the device before it was locked. If it were the Mail app, the attacker has unfettered access to your emails only. If it were the Settings app, they will have full control over your device options.
Once they leave the app, the device locks again.
This was tested on the iPhone 5s and iPhone 4s both running iOS 7.1.1, the latest version of the mobile software, in the New York newsroom.
This isn't as serious as previous issues with the iOS 7 lock screen as it doesn't give full access to the device, but it's once again yet another issue with a deeply-flawed lock screen — as we have seenbefore.
Users are advised to disable "Notification View" in the "Notification Center" panel in the device Settings area, to prevent this from working. Alternatively, users can disable the Control Center by going to its area in the Settings, and turning off the "Access to Lock Screen" function.
We reached out to Apple for comment but did not hear back at the time of writing.
No comments:
Post a Comment