iOS 7 Bug Lets Users Bypass Passcode Protection

A potentially nasty security vulnerability has been uncovered in iOS 7, which could allow an unauthenticated user to play with emails, social networks and photos on an Apple device running the recently-released operating system.

All the hack requires is for a user to pick up an iPhone or iPad running iOS 7, swipe up to access the control centre and open the alarm clock. Then hold down the power button, but do not power off. Instead tap cancel and double click the home button to access the multitasking screen. From there, it is possible to access photos.

It appears the latter stage of the hack needs to be carried out fairly quickly.

Hacking iOS 7 devices

The video below from Jose Rodriguez, who uncovered the flaw, shows how to bypass the iOS passcode protection:

According to Forbes, Apple is working on a fix. The most-recent iOS 7 update already covered a slew of vulnerabilities, with 41 updates.

iOS 7 has faced much scrutiny from the security community. A crowdfunded bounty was offered earlier this week to the first person who can show how they hacked the Touch ID login system, using just a fingerprint taken from another surface, like a beer glass. Thousands of dollars are already on offer.

Meanwhile, researchers are planning to reveal findings that would show weaknesses in iMessage. Apple had previously claimed it was using end-to-end encryption on iMessage, so only the sender and receiver would be able to read messages, and said the company itself could not decrypt the data.

The weakness resides in the protocol itself, according to researchers from Quarkslab, who are due to present their full findings at the Hack In The Box conference in Asia next month.


Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.
