iOS 9 Security Flaw Allows You To Bypass A Passcode Protected Lock Screen
If you’ve just updated to iOS 9 or iOS 9.0.1, you might want to watch this video that demonstrates a new flaw found in either of those versions of iOS:
Here’s an explanation of what you’ve just seen. There appears to be a bug in the Siri lock screen access and iOS 9’s five-attempt lockout policy. Under a specific set of circumstances invoking Siri from an iPhone or iPad’s lock screen grants limited system access. I’ve tried out this attack and verified that this is an issue.
To protect yourself, you have two choices:
Disable Siri lock screen access by navigating to Settings > Touch ID & Passcode, entering their current passcode and deactivating Siri under the “Allow access when locked” heading.
Create a custom alphanumeric passcode.
Now it is unclear whether Apple is aware of this (but I am guessing that as this makes the rounds, they will become aware of it) or when a fix will be issued. Thus the best thing you can do is to use one of the above methods to mitigate this.
This entry was posted on September 24, 2015 at 1:01 pm and is filed under Commentary with tags Apple. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
iOS 9 Security Flaw Allows You To Bypass A Passcode Protected Lock Screen
If you’ve just updated to iOS 9 or iOS 9.0.1, you might want to watch this video that demonstrates a new flaw found in either of those versions of iOS:
Here’s an explanation of what you’ve just seen. There appears to be a bug in the Siri lock screen access and iOS 9’s five-attempt lockout policy. Under a specific set of circumstances invoking Siri from an iPhone or iPad’s lock screen grants limited system access. I’ve tried out this attack and verified that this is an issue.
To protect yourself, you have two choices:
Now it is unclear whether Apple is aware of this (but I am guessing that as this makes the rounds, they will become aware of it) or when a fix will be issued. Thus the best thing you can do is to use one of the above methods to mitigate this.
Share this:
Like this:
Related
This entry was posted on September 24, 2015 at 1:01 pm and is filed under Commentary with tags Apple. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.