|
|
New phone bypass discovered in iOS 7.0.2 lockscreen
|
|
|
|
MacNN Staff
Join Date: Jul 2012
Status:
Offline
|
|
A newly-documented technique lets people bypass the lockscreen in iOS 7.0.2 and dial any phone number, not just emergency numbers. The method involves waiting for a notification, or forcing one by sending a text message or ejecting the SIM card. Once the notification pops up, a hacker has to swipe right on it while simultaneously swiping up on the Camera icon. While keeping a finger on the Camera icon, a person must then slide to unlock and tap the Emergency Call button. After dialing, hitting the Call button quickly two or three times should crash Springboard, but allow the call to go through once Springboard restarts.
The v7.0.2 update was itself meant to resolve earlier lockscreen vulnerabilities. The person credited with discovering the new bug, Dany Lisiansky, notes that he also recently found a v7.0.2 vulnerability allowing someone to skip the lockscreen via Siri or Voice Control and access photos, emails, and messages. Apple has had a recurring problem with new versions of iOS enabling lockscreen bypasses, which it then has to quickly close.
(
Last edited by NewsPoster; Sep 30, 2013 at 11:23 AM.
)
|
|
|
|
|
|
|
|
|
Fresh-Faced Recruit
Join Date: Sep 2004
Status:
Offline
|
|
Apple has determined that it would be cheaper just to fix Dany Lisiansky.
|
|
|
|
|
|
|
|
|
Grizzled Veteran
Join Date: Nov 2006
Status:
Offline
|
|
Do these people have better thing to do like getting out of the house?
|
|
|
|
|
|
|
|
|
Fresh-Faced Recruit
Join Date: Sep 2013
Status:
Offline
|
|
A more apt title would be, 'another ridiculously obscure bypass discovered'
|
|
|
|
|
|
|
|
|
Forum Regular
Join Date: Apr 2008
Status:
Offline
|
|
Too much time on their hands.
http://www.foldmoney.com/
|
|
|
|
|
|
|
|
|
Junior Member
Join Date: Feb 2006
Status:
Offline
|
|
Sounds like whomever handles QA for Apple security and code development needs to be a whole lot more attentive to design and implementation.
|
|
|
|
|
|
|
|
|
Forum Regular
Join Date: Sep 2000
Location: OR, USA
Status:
Offline
|
|
While making the vulnerability known to Apple so they can fix it makes sense, it ticks me off that everyone has to publish the bloody method thereby putting everyone more at risk. So instead of being unknown to most, yo now put the method in the hands of the casual crook. Really nice, media. Thanks for nothing.
|
-
Michael
|
|
|
|
|
|
|
|
Mac Enthusiast
Join Date: Mar 2002
Location: Toronto, Canada
Status:
Offline
|
|
Given enough time, anyone can pick a lock.
|
2.66Ghz Mac Pro 2GM Ram 160Gig HD Ati X1900XT, 24" Dell 2407WFP
13.3" Mac Book Core Duo 2GIG Ram 80Gig HD
12" PowerBook 1.5Ghz 1.25GB Ram 60Gig HD
12" iBook 600Mhz (Late 2001) 640MB Ram 30Gig HD
|
|
|
|
|
|
|
|
Junior Member
Join Date: Apr 2001
Location: Edison, NJ 08817
Status:
Offline
|
|
The 7.0.2 iOS patch was released yesterday, and the security hole was discovered. Why didn't Apple discover this in their QA testing?
These may be obscure, but once discovered, they quickly spread. There are thousands of people employed by various nefarious organizations banging away in order to discover any security hole that can be exploited.
Maybe Apple should hire these guys to show their QA team how to test security patches.
|
--
|
|
|
|
|
|
|
|
Fresh-Faced Recruit
Join Date: Jun 2007
Status:
Offline
|
|
Apple definitely screwed up security many times. They better spend their time doing thorough testing of the security features, instead of redrawing all icons with ugly colors. I cannot understand how such simple steps can bypass a so called security measure. This does not say nice things about the code design group behind those features.
|
|
|
|
|
|
|
|
|
Forum Regular
Join Date: Apr 2011
Status:
Offline
|
|
yep... Apple is crumbling
|
|
|
|
|
|
|
|
|
Administrator
Join Date: Jun 2000
Location: California
Status:
Offline
|
|
New policy suggestion for Apple. Anyone who finds a security bug gets hired for at least one year. Tech companies used to make job offers to anyone who was able to hack them.
It's not like with Windows, where the bug reports are endless. OS X / iOS are well designed to begin with. After a few years of bug reports and new hires, nearly all security bugs will have been found. And the hiring will defuse most of the bad press.
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Mar 2001
Location: yes
Status:
Offline
|
|
Originally Posted by coffeetime
Do these people have better thing to do like getting out of the house?
I still don't get what's up with these sort of remarks. We should be grateful that these people are finding these flaws.
|
|
|
|
|
|
|
|
|
Clinically Insane
Join Date: Mar 2001
Location: yes
Status:
Offline
|
|
Originally Posted by Arne_Saknussemm
yep... Apple is crumbling
The only thing I understand less than the above is remarks like this and the sentiment behind them, and my lack of understanding has nothing to do with my assessment on Apple's strength as a company.
Why write this? Maybe explaining this will help me understand better...
|
|
|
|
|
|
|
|
|
Fresh-Faced Recruit
Join Date: Jun 2010
Status:
Offline
|
|
I would not call this a "flaw" .. you have to be both deranged and a contortionist to come up with this kind of rubbish.. but if it keeps these sort of people off the streets well ...
|
|
|
|
|
|
|
|
|
Fresh-Faced Recruit
Join Date: Aug 2006
Status:
Offline
|
|
There is an easier way. From the lock screen just press and hold the home button until Siri comes on and tell it to dial. Why go through all that non-sense
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Forum Rules
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|