While iOS 9 has seen early success, already being installed on 50% of Apple’s devices less than a week after launch, a new potential security flaw has already been discovered. As demonstrated in the video below, the exploit can allow users to bypass an iPhone’s PIN-protected lock screen and get full access to saved photos and contacts. The flaw appears to take advantage of a bug related to using Siri at the lock screen.
As Jose Rodriguez, who goes by “videosdebarraquito” on YouTube, demonstrates, an incorrect PIN just needs to be entered four times, and on the fifth attempt only three digits typed, followed by holding down the phone’s home button to activate Siri as the final number is entered.
From there, the steps include asking for the time, opening the Clock app, highlighting some entered text to get the “share” button, using the Share Sheet to switch to the Messages app, and eventually getting access to create a new contact and set a photo, followed by viewing the entire photo library.
There is a silver lining in this, and it’s that the lock screen must be protected by a four or six-digit passcode. The exploit won’t work if the password is alphanumeric. Rodriguez also notes that the phone in the video did not have his fingerprints registered, so TouchID did not play a factor in gaining access.
This security flaw exists in both the just-released iOS 9.0.1 patch, and the current version of the iOS 9.1 beta. But the other good news is that it’s easy to prevent this exploit from being used, aside from using an alphanumeric passcode over a PIN number. Users just need to disable the use of Siri from the lock screen in Settings by turning off access in the Touch ID & Passcode section.
SOURCE Hacker News