Leaked iOS 19 Mock Ups May Not be ‘Representative’ of Current Design: Gurman
Bloomberg's Mark Gurman believes the recently leaked iOS 19 mockups may not represent the current design.
Confirmed: iOS 6.1.3 Has Another Passcode Security Flaw [Update]
iOS 6.1.3 was pushed out just the other day to fix two lockscreen flaws discovered in iOS 6.1. The good news is that the software update is indeed a fix for earlier bugs, but iOS 6.1.3 remains vulnerable to another passcode lock flaw that involves using Voice dial on the iPhone 4.
YouTube user videosdebarraquito (via iPhoneclub.nl) has posted a video, which you can see below. After being a bit skeptical about the video, since it doesn’t show whether the iPhone is running iOS 6.1.3 or an earlier version, I’ve decided to test it on my iPhone 4 running iOS 6.1.3. We can confirm that the security flaw is indeed present, and that it allows the “intruder” to access your address book and browse the pictures on your device.
The hack involves Voice dial on iPhone 4, as it enables a call to be placed, even if the passcode lock is on. Here is how it works:
- I used Voice control to dial a number (the video shows calling 123, but we think it is possible with any number, as long as the phone dials that number).
- as soon as the dialing xxx message appeared, ejected the SIM card
- the call ended, and I have seen the history of my recent calls
- from that moment on, I could browse through the Contacts, edit them, and even add a new contact or picture, either by taking a new photo or by choosing one from the photo library as you can see from the image above.
Remember, this only works with your iPhone in the intruder’s hands, and the iPhone is locked back as soon as you insert the SIM card.
Update: Here is our own video successfully testing this passcode bug, using an iPhone 4 and iPhone 4S (Siri needs to be disabled to enable Voice Control). Check it out below:
Also, the exploit works on the iPhone 5 as well, shown by iPhoneblog.de:
Want to see more of our stories on Google?
P.S. Want to keep this site truly independent? Support us by buying us a beer, treating us to a coffee, or shopping through Amazon here. Links in this post are affiliate links, so we earn a tiny commission at no charge to you. Thanks for supporting independent Canadian media!
Other articles in the category: iOS
Public Betas for iOS 18.1, iPadOS 18.1 macOS Sequoia Release With Apple Intelligence
Public betas for 18.1, iPadOS 18.1, and macOS Sequoia 15.1 are now available to users who opt in to Apple's program.
iOS 18 May Enable Users to Customize Layout of Home Screen App Icons: Gurman
iOS 18 may enable users to customize their Home Screen apps more with added options for layouts.
OMFG WTF is WRONG with you in these days, Apple? Wifi problem has still not fixed and security flaw AGAIN???
I wouldn’t worry too much … Do you really think the common thief can figure that our on their own?
Yes, if the intruder has access to Google or reads this blog.
It stands to reason though that if an intruder is going to be in a scenario where they have access to your phone to perform this, they’re simply going to steal the device and leave, and don’t actually care about your contacts or the ability to look at your photos.
You give them too much credit.
Dude chill out. Every phone and OS has flaws. Apple gets all the press, that’s all. Besides, the thief has to have your phone to do this. If you lose your phone to a thief, go to the nearest computer, log on to iCloud, and wipe your phone.
It’s so much worse than Google Play being filled with malware due to a non-existent review system, and Samsung apps being filled with easily exploitable security holes.
Or by “so much worse” I mean “far more secure than Android”.
Can’t reproduce this on my i5 (6.01)
It’s only on the 4.
actually, if you see our update it works on the 4S/5 too.
Must be on 6.1.3 only Gary, cuz I tried everything to get it working on my i5 and it won’t.
Update: added a video of successful tests using an iPhone 4, iPhone 4S
It looks you cannot be affected by this if you have activated Siri — only the legacy “Voice Control”