Warning: Don't leave your iPhone unattended or risk pranks, data theft

Warning: Don't leave your iPhone unattended or risk pranks, data theft

Thanks to the quick Camera access and power of Siri as a virtual assistant, iOS 5 and iPhone 4S are more convenient than ever -- but they also leave you open to everything from pranks to data theft. We've talked about this extensively on the iPhone Live podcast but it's worth repeating here.

Double clicking the Home button and tapping the Camera icon bypasses a Passcode Lock and instantly lets you take pictures. You can't access anything else, but if you leave your iPhone unattended, a friend or passerby can easily prank you by taking an inappropriate picture (from innocuous "funny faces" to to full on "junk attacks" -- don't ask.) If you have Photo Stream enabled, that prank picture can quickly propagate to all your other iOS devices, your PC, and your Apple TV, and the only way to remove it is to delete the entire stream.

You can't currently disable the fast Camera access. You can disable Photo Stream by going to Settings, iCloud, and toggling Photo Stream to Off.

Holding down the Home button to activate Siri also bypasses the Passcode Lock, and while Siri is prohibited from doing things like deleting contacts or performing web searches without the lock code being entered, Siri can still call numbers, delete alarms, and perform other tasks unencumbered. If someone knows a contact's name, they can get access to their email address(es), phone number(s), etc. Even if they don't know a contact's name, because relationships can be set, they can simple ask for "mom" or "boss" and get the data that way.

Friends, strangers, and can also prank you by telling Siri to "call you" by some funny or rude name.

You can disable Siri's Passcode bypass. Go to Settings, General, Passcode Lock and flip the Siri toggle to Off.

Convenience and security are always at opposite ends of any feature list. Each individual has to decide for themselves how much convenience they want and how much security they're willing to give up for it. (Some people choose to not even use a Passcode Lock, after all.)

Disabling Siri's Passcode bypass reduces its speed and ease of use but increases its security. You can't just hold a button and start talking to have Siri take an email, for example, while you're driving. You have to enter the unlock code first, and perhaps each time depending on your settings.

Unfortunately, Camera access and Photo Stream need to wait for Apple to provide an easy off-toggle, and a way to delete individual pictures from the stream. Disabling Photo Stream contains any pranks, but means you lose the backup and multi-device replication of the feature.

In the meantime, the best practice is, of course, to never leave your iPhone unattended, especially around people you don't know -- or people you can't trust not to prank you.

Rene Ritchie

Editor-in-Chief of iMore, co-host of Iterate, Debug, Review, The TV Show, Vector, ZEN & TECH, and MacBreak Weekly podcasts. Cook, grappler, photon wrangler. Follow him on Twitter and Google+.

More Posts

 

0
loading...
0
loading...
1
loading...
0
loading...

← Previously

App Giveaway: ReaddleDocs for iPad

Next up →

Daily Deal: Seidio Innocase II Surface for iPhone 4S, iPhone 4 only $16.95!

Reader comments

Warning: Don't leave your iPhone unattended or risk pranks, data theft

42 Comments
Sort by Rating

Right now I can access the camera and then anything on the phone completely bypassing the pass code so unless there is another setting I've missed this is a flaw. And to the smug ones who say there is no problem have you never heard of mugging?

"Uberfail"? Why, because you can't turn off a damn camera button? They can't even access your pictures from it!

Yes, it is because the only way to keep from the problems noted in the article is to turn off these highly touted new features. Basically they are useless without a leash on your device.
Granted, this is only an issue for peeps around pranksters but still...Apple dropped the ball here. I seriously would have to delete my wife's ENTIRE photo stream to nix a picture? How is that not a major fail?

Yes, it is because the only way to keep from the problems noted in the article is to turn off these highly touted new features. Basically they are useless without a leash on your device.
Granted, this is only an issue for peeps around pranksters but still...Apple dropped the ball here. I seriously would have to delete my wife's ENTIRE photo stream to nix a picture? How is that not a major fail?

"Uberfail"? Why, because you can't turn off a damn camera button? They can't even access your pictures from it!

exactly. i wonder if siri can understand commands to enable/disable lockdown. the only time i wouldn't want to enter my lock code all the time is if i'm in the car...but i would want a more convenient way of managing than having to go to settings. so if forget to unlock my phone, i can punch in the code once, then tell siri to keep the phone unlocked.

exactly. i wonder if siri can understand commands to enable/disable lockdown. the only time i wouldn't want to enter my lock code all the time is if i'm in the car...but i would want a more convenient way of managing than having to go to settings. so if forget to unlock my phone, i can punch in the code once, then tell siri to keep the phone unlocked.

Oh no! The iPhone can take pictures with the stolen phone! The world is going to end!!!!!! We should immediately send back all our iPhones and boycott Apple for all eternity!!!!!

Well at least if someone steals your phone and uses it to take pictures you can not only track them using Find My Phone, but will have nice picture landmarks to help find them. :)

Oh no! The iPhone can take pictures with the stolen phone! The world is going to end!!!!!! We should immediately send back all our iPhones and boycott Apple for all eternity!!!!!

Why do you people leave your iPhone lying around when you're in a public place or with other people? I never let my iPhone out of sight and even though I have no passcode on it, I've never got faceraped or had any of my data stolen. I simply can't understand why you'd need a passcode on a device that's with you at all times. But then again, I don't have any confidential Pentagon files on my iPhone, maybe other people do...,

Before this week, I would have agreed but this week I left my phone at a temporary desk while I ran to do a few things.
It happens.

For those situations, there are apps that will sound an alarm if you move the phone without inputting a passcode. Sure, you can quit the app by pressing the home button but no thief or friend is going to carefully press the home button before taking the iPhone from the desk. I've succesfully used it when sleeping at a hospital (it would've been uncomfortable to sleep with the iPhone in my pocket) and no one took it.

Before this week, I would have agreed but this week I left my phone at a temporary desk while I ran to do a few things.
It happens.

Why do you people leave your iPhone lying around when you're in a public place or with other people? I never let my iPhone out of sight and even though I have no passcode on it, I've never got faceraped or had any of my data stolen. I simply can't understand why you'd need a passcode on a device that's with you at all times. But then again, I don't have any confidential Pentagon files on my iPhone, maybe other people do...,

I think what they mean is about leavin your home unattended at your own place or a friends , when you take a leak or something like that .

What if when your phone was locked with a passcode Siri would ask you for the passcode before allowing you access to any of its features?

It does that for some features, but not all. Anything that Siri can do without accessing another app doesn't require the passcode. So things like sending emails can be done while the screen is locked, but asking for directions cannot.

Siri or none, lockscreen camera or none, i NEVER EVER leave my $700 iphone unattended. Its the most expensive, most sought-after thing I carry around. Anyone who would leave any personal data-rich smartphone unattended is prolly not that smart.

Is there a possibility that after Siri gets out of Beta that we will be able to use a voice activation? For example, holding the home button, receiving a audible/visual prompt, then saying our password "abracadabra" and that would then allow Siri to access the her full functionality! This could be a secondary unlocking mechanism, keeping the passcode entry for more public venues and using the voice activation for on the go in the car, etc.

I don't leave my phone laying around but lets just say it falls ou of my pocket or someone grabs it off my belt? I previously liked the idea that the couldn't get into the phone. Now the flip up the camera and press home button and have access to data files, confidential emails, contacts, relatives info etc etc - why put this release out ther when they knew it didn't work properly.