Familiar passcode flaw discovered in iOS 7

Share this article:

A familiar little flaw in Apple's iOS 6 that allowed users to bypass the passcode lock screen has reappeared in iOS 7, making it the first significant vulnerability discovered in the mobile operating system that was released on Wednesday.

The bypass – which Apple has said it is aware of and working to fix – has been replicated by users on iPhone and iPad devices. It was discovered by Jose Rodriguez, who gained fame in the past for finding ways to slip past Apple's iOS security protocols for lock screens. He demonstrated the bug on YouTube

It works by swiping up on the lock screen to bring up the Control Center, a feature new to iOS 7. From there, open up the alarm clock. Next, hold the sleep button until the power off option comes up, and then hit cancel while double-clicking the home button. The final click must be held a little longer for the exploit to work.

Doing all that will bring up the multitasking screen. Notably, this allows access to the camera and to photos stored on the device, which hijackers can share via email, Twitter, Facebook, Flickr and the like – ultimately compromising those accounts.

Until Apple releases a fix, a temporary solution is to disable access to the Control Center while the device is locked. This change can be made in device "settings."

Share this article:

Sign up to our newsletters

More in News

Researchers uncover critical flaws impacting satellite communications

Critical security issues that leave satellite communications vulnerable to being intercepted, manipulated or blocked were detailed in a white paper.

Virgin Media email blunder leads to breach affecting 130k

The message snafu affected only customers with a Virgin.net account.

German Aerospace Center discovers spy malware on network

The possibly foreign malware affected all computer systems and left little for investigators to work from because it was designed to self-destruct.