Warning: Don't leave your iPhone unattended or risk pranks, data theft

Warning: Don't leave your iPhone unattended or risk pranks, data theft

Thanks to the quick Camera access and power of Siri as a virtual assistant, iOS 5 and iPhone 4S are more convenient than ever -- but they also leave you open to everything from pranks to data theft. We've talked about this extensively on the iPhone Live podcast but it's worth repeating here.

Double clicking the Home button and tapping the Camera icon bypasses a Passcode Lock and instantly lets you take pictures. You can't access anything else, but if you leave your iPhone unattended, a friend or passerby can easily prank you by taking an inappropriate picture (from innocuous "funny faces" to to full on "junk attacks" -- don't ask.) If you have Photo Stream enabled, that prank picture can quickly propagate to all your other iOS devices, your PC, and your Apple TV, and the only way to remove it is to delete the entire stream.

You can't currently disable the fast Camera access. You can disable Photo Stream by going to Settings, iCloud, and toggling Photo Stream to Off.

Holding down the Home button to activate Siri also bypasses the Passcode Lock, and while Siri is prohibited from doing things like deleting contacts or performing web searches without the lock code being entered, Siri can still call numbers, delete alarms, and perform other tasks unencumbered. If someone knows a contact's name, they can get access to their email address(es), phone number(s), etc. Even if they don't know a contact's name, because relationships can be set, they can simple ask for "mom" or "boss" and get the data that way.

Friends, strangers, and can also prank you by telling Siri to "call you" by some funny or rude name.

You can disable Siri's Passcode bypass. Go to Settings, General, Passcode Lock and flip the Siri toggle to Off.

Convenience and security are always at opposite ends of any feature list. Each individual has to decide for themselves how much convenience they want and how much security they're willing to give up for it. (Some people choose to not even use a Passcode Lock, after all.)

Disabling Siri's Passcode bypass reduces its speed and ease of use but increases its security. You can't just hold a button and start talking to have Siri take an email, for example, while you're driving. You have to enter the unlock code first, and perhaps each time depending on your settings.

Unfortunately, Camera access and Photo Stream need to wait for Apple to provide an easy off-toggle, and a way to delete individual pictures from the stream. Disabling Photo Stream contains any pranks, but means you lose the backup and multi-device replication of the feature.

In the meantime, the best practice is, of course, to never leave your iPhone unattended, especially around people you don't know -- or people you can't trust not to prank you.

Rene Ritchie

Editor-in-Chief of iMore, co-host of Iterate, Debug, Review, The TV Show, Vector, ZEN & TECH, and MacBreak Weekly podcasts. Cook, grappler, photon wrangler. Follow him on Twitter and Google+.

More Posts

 

0
loading...
0
loading...
1
loading...
0
loading...

← Previously

App Giveaway: ReaddleDocs for iPad

Next up →

Daily Deal: Seidio Innocase II Surface for iPhone 4S, iPhone 4 only $16.95!

There are 42 comments. Add yours.

Frank Tha Tank says:

First! All great points to take into consideration, good post. Hopefully Apple makes these changes for greater security.

Frank Tha Tank says:

First! All great points to take into consideration, good post. Hopefully Apple makes these changes for greater security.

Brian says:

Right now I can access the camera and then anything on the phone completely bypassing the pass code so unless there is another setting I've missed this is a flaw. And to the smug ones who say there is no problem have you never heard of mugging?

johncblandii says:

UberFAIL. lol.
5.0.1 should address these. Weird they dropped the ball on this.

Adam says:

"Uberfail"? Why, because you can't turn off a damn camera button? They can't even access your pictures from it!

johncblandii says:

Yes, it is because the only way to keep from the problems noted in the article is to turn off these highly touted new features. Basically they are useless without a leash on your device.
Granted, this is only an issue for peeps around pranksters but still...Apple dropped the ball here. I seriously would have to delete my wife's ENTIRE photo stream to nix a picture? How is that not a major fail?

johncblandii says:

Yes, it is because the only way to keep from the problems noted in the article is to turn off these highly touted new features. Basically they are useless without a leash on your device.
Granted, this is only an issue for peeps around pranksters but still...Apple dropped the ball here. I seriously would have to delete my wife's ENTIRE photo stream to nix a picture? How is that not a major fail?

Asdollah Mirza says:

You sir are the DEVILS ADVOCATE ! ( And that is meant as a compliment my friend ) ;)

johncblandii says:

LMBO. I do play that role sometimes, even when I agree w/ the person/people in the conversation. :)

Asdollah Mirza says:

@ Devils Advocate ,
Nothing wrong with that. Some of the best kind of arguments Ive had are the ones I had with myself! lol

Adam says:

"Uberfail"? Why, because you can't turn off a damn camera button? They can't even access your pictures from it!

johncblandii says:

UberFAIL. lol.
5.0.1 should address these. Weird they dropped the ball on this.

Wency says:

exactly. i wonder if siri can understand commands to enable/disable lockdown. the only time i wouldn't want to enter my lock code all the time is if i'm in the car...but i would want a more convenient way of managing than having to go to settings. so if forget to unlock my phone, i can punch in the code once, then tell siri to keep the phone unlocked.

Wency says:

exactly. i wonder if siri can understand commands to enable/disable lockdown. the only time i wouldn't want to enter my lock code all the time is if i'm in the car...but i would want a more convenient way of managing than having to go to settings. so if forget to unlock my phone, i can punch in the code once, then tell siri to keep the phone unlocked.

fastlane says:

Honestly, who the hell leaves their phone laying around? No pity.

fastlane says:

Honestly, who the hell leaves their phone laying around? No pity.

Adam says:

Lawsuits for what exactly? Illegal implementation of camera button?

Adam says:

Lawsuits for what exactly? Illegal implementation of camera button?

Adam says:

Oh no! The iPhone can take pictures with the stolen phone! The world is going to end!!!!!! We should immediately send back all our iPhones and boycott Apple for all eternity!!!!!

Morac says:

Well at least if someone steals your phone and uses it to take pictures you can not only track them using Find My Phone, but will have nice picture landmarks to help find them. :)

Adam says:

Oh no! The iPhone can take pictures with the stolen phone! The world is going to end!!!!!! We should immediately send back all our iPhones and boycott Apple for all eternity!!!!!

Adam says:

Why do you people leave your iPhone lying around when you're in a public place or with other people? I never let my iPhone out of sight and even though I have no passcode on it, I've never got faceraped or had any of my data stolen. I simply can't understand why you'd need a passcode on a device that's with you at all times. But then again, I don't have any confidential Pentagon files on my iPhone, maybe other people do...,

johncblandii says:

Before this week, I would have agreed but this week I left my phone at a temporary desk while I ran to do a few things.
It happens.

Adam says:

For those situations, there are apps that will sound an alarm if you move the phone without inputting a passcode. Sure, you can quit the app by pressing the home button but no thief or friend is going to carefully press the home button before taking the iPhone from the desk. I've succesfully used it when sleeping at a hospital (it would've been uncomfortable to sleep with the iPhone in my pocket) and no one took it.

johncblandii says:

That's too much. Hospital? Airport? Yeah...that's coo but on a general basis...nah.

johncblandii says:

Before this week, I would have agreed but this week I left my phone at a temporary desk while I ran to do a few things.
It happens.

Adam says:

Why do you people leave your iPhone lying around when you're in a public place or with other people? I never let my iPhone out of sight and even though I have no passcode on it, I've never got faceraped or had any of my data stolen. I simply can't understand why you'd need a passcode on a device that's with you at all times. But then again, I don't have any confidential Pentagon files on my iPhone, maybe other people do...,

Asdollah Mirza says:

I think what they mean is about leavin your home unattended at your own place or a friends , when you take a leak or something like that .

IPilot4S says:

Hmm if I'm going to the toilet I'm taking my phone for something to do... iPoo is pretty cool :-).

Asdollah Mirza says:

Well yeah but be careful about iFlush ;) :P

OrionAntares#CB says:

What, no voice pattern recognition for Siri?
Srsly

SunFace says:

What if when your phone was locked with a passcode Siri would ask you for the passcode before allowing you access to any of its features?

Morac says:

It does that for some features, but not all. Anything that Siri can do without accessing another app doesn't require the passcode. So things like sending emails can be done while the screen is locked, but asking for directions cannot.

John says:

Siri or none, lockscreen camera or none, i NEVER EVER leave my $700 iphone unattended. Its the most expensive, most sought-after thing I carry around. Anyone who would leave any personal data-rich smartphone unattended is prolly not that smart.

Curtisclone says:

Is there a possibility that after Siri gets out of Beta that we will be able to use a voice activation? For example, holding the home button, receiving a audible/visual prompt, then saying our password "abracadabra" and that would then allow Siri to access the her full functionality! This could be a secondary unlocking mechanism, keeping the passcode entry for more public venues and using the voice activation for on the go in the car, etc.

David Harrison-Rand says:

These aren't bugs they're features! :)
BTW, I love the Siri prank.

Haywood says:

I don't leave my phone laying around but lets just say it falls ou of my pocket or someone grabs it off my belt? I previously liked the idea that the couldn't get into the phone. Now the flip up the camera and press home button and have access to data files, confidential emails, contacts, relatives info etc etc - why put this release out ther when they knew it didn't work properly.