Feb 262013
 

Researchers have discovered another lock screen bug in iOS 6.1, which allows other people to get past your lock screen without a password and view your iPhone data after plugging it into a computer.

ios-6.1-lock-screen

The vulnerability was detailed in a YouTube video that revealed how a simple exploit allowed users to bypass the lock screen of a passcode-protected iPhone. The vulnerability, which was highlighted on Monday by Jacqui Cheng of Ars Technica, is similar to one that was recently discovered. This new bug, however, is a bit more open, allowing attackers to plug in the phone via USB and access its data (like contacts, voicemails, photos, and more) without needing a passcode. The trick is remarkably similar to the other lock screen bug in iOS 6, but involves using the screenshot tool as well as the emergency call button to get in. Check out the video above to see it in action, and watch out for the loud annoying music.

Apple promises to close this bug with the next version of iOS, 6.1.3. However, 6.1.3 also breaks the latest jailbreak, so it’s a tradeoff. Once again, this is a good reason to enable Find My iPhone, so if your phone does get lost or stolen, you can wipe your data and protect it from ne’er-do-wells.
Of course, a hacker must have physical access to the device for the exploit to yield any data. But using the method highlighted, data such as contacts and voicemails could be extracted from a stolen iPhone even if a passcode lock were enabled on the device.
As a result you should keep your iPhone with you during parties or other public places and to keep your data safe you’d better set password for iPhone backup files. With this password no one can access your backup data. Worry about losing this password? No need at all, you can always seek help from software like iPhone Backup Unlocker to unlock iPhone backup for you.

Be Sociable, Share!
 Posted by at 2:58 am

 Leave a Reply

(required)

(required)


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>