backtop


Print 31 comment(s) - last by rbuszka.. on Sep 27 at 10:02 AM

Apple is working on a fix now

Apple just released its latest operating system yesterday -- iOS 7 -- and as expected with new releases, users are finding bugs. The most recent find allows anyone to bypass an iPhone user's lockscreen and access their photos, Twitter, email and more. 

According to Forbes, Jose Rodriguez -- a 36-year-old soldier from Spain’s Canary Islands -- found the lockscreen vulnerability in his free time. He is known for finding lockscreen security flaws in previous versions of iOS as well. 

The lockscreen flaw in iOS 7 allows someone to bypass the passcode screen entirely by swiping up to access the "Control Center," and opening the alarm clock. They then hold the phone's sleep button down -- which offers the option to power it off -- but instead, they hit "cancel" and double click the home button to access the multitasking screen.

From there, it's free access to the iPhone's camera and photos, as well as options to share them through Twitter, Facebook and email. Check it out in this video:


It's not clear if this is a problem with the iPhone 5S or 5C yet, but it's been a proven issue in the iPhone 4 and 5 as well as the iPad. 

Apple is already aware of the problem, and says it will be fixed in a future software update. 

“[Apple] takes security very seriously and we’re aware of this issue," said an Apple spokesperson. "We’ll deliver a fix in a future software update.”

Until that fix is released, users can disable access to the Control Center from their lockscreen by choosing Settings>Control Center>Access on Lock Screen and toggle it off. 

Source: Forbes



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

That....
By Cheesew1z69 on 9/20/2013 11:13:44 AM , Rating: 3
Escalated quickly....




RE: That....
By retrospooty on 9/20/2013 12:13:06 PM , Rating: 5
LOL. But I dont fault Apple for this. Bugs happen, and I am sure they will fix it quickly.

What is a laugher, is the pompous fanboys that act like Apple is impervious to such obvious flaws. LOL.

Shhh... Lets pretend like this didnt happen.


RE: That....
By tayb on 9/20/13, Rating: -1
RE: That....
By amanojaku on 9/20/2013 12:29:21 PM , Rating: 3
Bugs happen, but Apple thinks differently. And the company does not fix things quickly, unless it becomes publicly known.
quote:
The oldest bug in the batch appears to be a kernel issue from 2011 discovered by Marc Heuse where-in an attacker could have sent specially crafted IPv6 packets to an iPhone 4 and caused a high CPU load. While the bug is known as CVE-2011-2391 in the Common Vulnerabilities and Exposures database, the CVE warns the attached date does not necessarily reflect when the vulnerability was discovered.

Several vulnerabilities from 2012 are also addressed in the update, all involve fixing arbitrary code execution bugs in the libxml and libxslt libraries.
http://threatpost.com/apples-ios-7-update-fixes-80...

I'm pissing on Apple the same way I did MS when it hid the truth and was slow to fix things, and I'd piss on Google if it hid vulnerabilities.

http://prod.lists.apple.com/archives/security-anno...


RE: That....
By vol7ron on 9/20/2013 12:32:24 PM , Rating: 2
if you look quickly... it didn't


RE: That....
By Reclaimer77 on 9/20/2013 3:30:59 PM , Rating: 2
Apple has always sucked when it comes to security, this should come as no surprise.

True security isn't sexy. You have to be willing to inconvenience the user, to put function over form (like Windows UAC).


RE: That....
By Tony Swash on 9/21/13, Rating: -1
RE: That....
By Apone on 9/20/2013 4:21:18 PM , Rating: 5
It hasn't shown up so I'm gonna' jump in and say it.

"It's not a flaw, it's a feature!


RE: That....
By Cheesew1z69 on 9/20/2013 4:52:10 PM , Rating: 2
I thought it was a gimmick? :o


RE: That....
By Kiffberet on 9/23/2013 8:38:27 AM , Rating: 2
You're clearly a Apple hater. Hatin' away at any opportunity.

All the posts are of people trying to reproduce the security error. Not a single one is a fan boy. But at least you got some Hatin' off your chest.


RE: That....
By KiwiTT on 9/26/2013 3:43:03 PM , Rating: 2
... How long would you have to wait until a similar bug is rolled out to an Android Phone.


"Paying an extra $500 for a computer in this environment -- same piece of hardware -- paying $500 more to get a logo on it? I think that's a more challenging proposition for the average person than it used to be." -- Steve Ballmer














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki