While it is just over 24 hours since Apple released its iOS 7, a security flaw in its lockscreen has already been uncovered. A device can be locked by requiring a passcode to be entered every time to proceed further from the lock screen. The hack was found by a Spanish security enthusiast, Jose Rodriguez. It was reported first by Forbes.
How does the hack work?
The lockscreen with a passcode can be bypassed by pulling up the control center (which strangely by default can be accessed even when the device screen is locked) and using the alarm app.
Then keep the top power button for the device pressed down which shows up an option to shut off the device. Press cancel and press the home button twice. The second tap has to be slightly longer than the first one.
This allows users access to all the apps which were running in the background before the device was in idle mode, which basically means someone could potentially access your photos or your email app.
Check out a video by Rodriguez.
The iOS 7 bug has been recreated on iPhone 4S apparently. Our very own Vivek Jain could recreate this vulnerability on his own iPhone 5. I too managed to recreate this bug on my own iPad Mini.
What does Apple say?
According to Forbes, Apple accepted the bug existed and was quoted as saying:
Apple takes security very seriously and we’re aware of this issue. We’ll deliver a fix in a future software update..
So basically make sure be careful with your devices until a fix is introduced by Apple. In the meanwhile, it is not a bad idea to look stop the ‘Control Center’ from showing up while the screen is locked. Look up Settings >> Control Center on your phone or tablet and you will be able to stop the Control Center from showing up with a lockscreen.
Do you own a iPhone or iPad and have you been able to recreate this bug? Do drop in your comments.