Flaw In iOS Allows You To Bypass Passcode To Get To Messages & Photos

A new critical security flaw discovered in iOS 8 and up allows anyone to bypass iPhone’s passcode and gain access to personal information using the benevolent nature of Apple’s personal assistant Siri. What’s scary is that this flaw also exists in the latest iOS 10.2 beta. Specifically the third beta of iOS 10.2. The security glitch has been discovered by EverythingApplePro and iDeviceHelps and is now in the public domain via a video demonstration:

Until Apple fixes this issue, iOS users can protect themselves by disabling Siri on the lock screen via the following method:

  • Go to Settings
  • Go to Touch ID & Passcode
  • Disable Siri on the Lockscreen by toggling the switch to disable.

Once disabled, you will only be able to use Siri after you have unlocked your iOS device using the passcode or your fingerprint.

Alternatively, you can just remove Photos access from Siri using the following method:

  • Go to Settings
  • Go to Privacy
  • Go to Photos and then prevent Siri from accessing pictures.

Since iOS 10.2 is still in beta, you can likely expect a fix to be rolled in to that when it is finally released. Thus don’t forget to upgrade to that release when it appears. In the meantime, you should protect yourself accordingly.


One Response to “Flaw In iOS Allows You To Bypass Passcode To Get To Messages & Photos”

  1. […] physical access to an iOS device to get to Messages and Photos has been fixed. I reported on that here back in […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: