Familiar passcode flaw discovered in iOS 7

Share this article:

A familiar little flaw in Apple's iOS 6 that allowed users to bypass the passcode lock screen has reappeared in iOS 7, making it the first significant vulnerability discovered in the mobile operating system that was released on Wednesday.

The bypass – which Apple has said it is aware of and working to fix – has been replicated by users on iPhone and iPad devices. It was discovered by Jose Rodriguez, who gained fame in the past for finding ways to slip past Apple's iOS security protocols for lock screens. He demonstrated the bug on YouTube

It works by swiping up on the lock screen to bring up the Control Center, a feature new to iOS 7. From there, open up the alarm clock. Next, hold the sleep button until the power off option comes up, and then hit cancel while double-clicking the home button. The final click must be held a little longer for the exploit to work.

Doing all that will bring up the multitasking screen. Notably, this allows access to the camera and to photos stored on the device, which hijackers can share via email, Twitter, Facebook, Flickr and the like – ultimately compromising those accounts.

Until Apple releases a fix, a temporary solution is to disable access to the Control Center while the device is locked. This change can be made in device "settings."

Share this article:

Sign up to our newsletters

More in News

Five schools earn NSA's excellence in cyber ops distinction

The schools earned NSA's Centers for Academic Excellence designation for their cyber offerings.

With RATs at their disposal, 419 scammers target businesses

With RATs at their disposal, 419 scammers target ...

A new report reveals how Nigeria's 419 scammers are spreading malware to pocket business funds.

InfoSec pros worried BYOD ushers in security exploits, survey says

InfoSec pros worried BYOD ushers in security exploits, ...

A study by the Information Security Community on LinkedIn found most organizations don't have proper polices and support for BYOD.