Security Flaw in iOS 6.1 Gives Unauthorized Access To Phone App Even With Passcode Lock [Updatedx2]

BY Jason

Published 14 Feb 2013


A new security flaw has been discovered in iOS 6.1, which allows anyone to bypass the passcode lock on the iPhone and gain access to the Phone app.

This means that someone can easily gain access to your Contacts, check your voicemail, send text messages, make FaceTime calls and even access your photos (by trying to add a photo to a contact).

The bug was discovered and detailed by a YouTube user with the handle – videosdebarraquito. Here’s how you can reproduce the bug:

  • Press the Sleep/Wake (Power) button to lock your iPhone
  • Now press the Home button and slide to unlock.
  • Tap on the Emergency Call key
  • Now hold the Sleep/Wake button until the “slide to power off” slider appears
  • Tap on the Cancel button
  • Then enter the emergency number like ‘112’
  • Tap the Call button and then immediately end the call by tapping on the End button
  • Hit the Sleep/Wake button to lock your iPhone and press the Home button
  • Now slide to unlock again
  • Hold the Sleep/Wake button and after 3-4 seconds tap the Emergency Call button

That’s it, you should be able to access the Phone app without the passcode.

It looks like the issue is also affecting iPhones on iOS 6.0.1 and iOS 6.0.2. A similar security flaw had also affected iOS 4.1, which was fixed by Apple in iOS 4.2.

It is always intriguing how someone can figure out these security flaws.

We’ll let you know as soon as we’ve any further updates.

Update 1:

Updated the video with the one from The Verge and also included step-by-step instructions on how to reproduce the bug.

Update 2:

Apple has acknowledged the iOS 6.1 passcode security flaw and has promised to fix it in a future software update. Check this post for more details.

Via: The Verge