Yet another convoluted lock screen bypass for Apple to patch

iPhone passcode (Image credit: iMore)

As long as Lock Screen is tasked to provide both security and convenience, we're going to continue to find cases where the former latter compromises the former. That it's becoming increasingly complex and almost arcane to find the compromises is s a good thing. Case in point, the latest one found on iOS 12 for devices up to and including iPhone X and iPhone X Max.

From MacRumors:

With physical access to the locked device, the attacker first asks Siri to activate VoiceOver, sleeps the device with the Side button, and then calls the iPhone using another device. Once the call screen shows up, the attacker taps the Message button, opts to create a custom message, and then taps the plus (+) icon in the top right.Next, on the other phone, the attacker sends a text or iMessage to the target iPhone, whose screen is then double-tapped when the message notification appears. This causes an odd behavior in the UI, since it highlights the plus icon underneath.After a short wait, the screen goes white and the notification disappears, but the VoiceOver's text selection box is apparently still tappable and can now be used to access the Messages interface. Following multiple screen swipes, the VoiceOver is heard to say "Cancel," which reveals the original Messages screen.Adding a new recipient to the message and selecting a numeral from the virtual keyboard then reveals a list of recently dialed or received phone numbers and contacts. Further, if one of the numbers or contacts includes an info ("i") button, disabling VoiceOver and tapping the button shows the contact's information. Performing a 3D Touch action on the contact also brings up call and message options, along with options to Add to Existing Contact or Create New Contact.

There's a similar one for camera roll. Since an attacker would need physical access to a device to even begin to attempt to trigger the exploit, and since disabling Siri on the Lock screen prevents it completely, there's nothing for most people to worry about right now. We just need to wait for Apple to include the fix in the next update, as always.

Hit the link above for the full story and video.

Get More iPhone

Apple iPhone

○ iPhone 12 and 12 Pro Deals
○ iPhone 12 Pro/Max FAQ
○ iPhone 12/Mini FAQ
○ Best iPhone 12 Pro Cases
○ Best iPhone 12 Cases
○ Best iPhone 12 mini Cases
○ Best iPhone 12 Chargers
○ Best iPhone 12 Pro Screen Protectors
○ Best iPhone 12 Screen Protectors

VECTOR | Rene Ritchie

Rene Ritchie is one of the most respected Apple analysts in the business, reaching a combined audience of over 40 million readers a month. His YouTube channel, Vector, has over 90 thousand subscribers and 14 million views and his podcasts, including Debug, have been downloaded over 20 million times. He also regularly co-hosts MacBreak Weekly for the TWiT network and co-hosted CES Live! and Talk Mobile. Based in Montreal, Rene is a former director of product marketing, web developer, and graphic designer. He's authored several books and appeared on numerous television and radio segments to discuss Apple and the technology industry. When not working, he likes to cook, grapple, and spend time with his friends and family.

Latest

macOS 15 set to get a revamped and smarter Calculator app that looks like the one on iOS

See more latest ►

Master your iPhone in minutes

Most Popular