A new iOS 7.1.1 iPhone Lock screen bypass has been discovered. Lock screen bypasses in and of themselves aren't new — trying to protect a phone while also allowing access to convenient features results is an incredible tension — but this one can provide access to an app, which makes it one of the most serious to date. It does require physical access to your iPhone, but if you do lose possession, here's how the bypass works and, more importantly, how you can protect yourself from it.
Note: iMore tested the exploit and its scope before reporting on it. We were able to duplicate it but also get a sense of its ramifications and limitations.
First, in order to get around the passcode lock, this bypass requires that the iPhone be placed into Airplane mode, and that a missed phone call notification be present. When those conditions are met, tapping or swiping the missed call notification will cause a Settings popup to appear on top of whatever app was last active (in the foreground) on the iPhone prior to it being locked. Dismiss the popup and you have access to the app. Just that one app, mind you. Clicking the Home button will take you back to the Lock screen and the passcode, not the Home screen, so the exposure is limited. Based on the last app, however, your privacy and security can be compromised.
Apple will no doubt patch this exploit as soon as they can. In the meantime, how can you protect against it?
- Disable Control Center from the Lock screen. (I keep this disabled permanently, I never want someone to be able to put my phone in Airplane mode without the Passcode or Touch ID.)
What if, for some reason, you don't want to disable Control Center?
Or, more specifically:
If even that is too much for you:
- Make sure you never leave your iPhone in Airplane mode and always go to Home screen before locking your iPhone.
If the Home screen (SpringBoard) is the last thing in the foreground, the exploit simply doesn't work.
Usually Lock screen bypasses are limited to system apps whose contents are left unlocked to support certain convenience-based features from the lock screen. i.e. - it makes sense that lock screen bypasses in the past gave an attacker access to Contacts, because you can receive calls while on the lock screen, and caller information is shown. In this case it's unclear why the contents of the last foregrounded app are unencrypted.
Again, Apple's security team is top notch and they're usually quick to patch exploits, so until they do make sure you take steps to protect yourself and your data, and if you have any questions, ask away!
Nick Arnott contributed to this article