A new iOS 7.1.1 iPhone Lock screen bypass has been discovered. Lock screen bypasses in and of themselves aren't new — trying to protect a phone while also allowing access to convenient features results is an incredible tension — but this one can provide access to an app, which makes it one of the most serious to date. It does require physical access to your iPhone, but if you do lose possession, here's how the bypass works and, more importantly, how you can protect yourself from it.
Note: iMore tested the exploit and its scope before reporting on it. We were able to duplicate it but also get a sense of its ramifications and limitations.
First, in order to get around the passcode lock, this bypass requires that the iPhone be placed into Airplane mode, and that a missed phone call notification be present. When those conditions are met, tapping or swiping the missed call notification will cause a Settings popup to appear on top of whatever app was last active (in the foreground) on the iPhone prior to it being locked. Dismiss the popup and you have access to the app. Just that one app, mind you. Clicking the Home button will take you back to the Lock screen and the passcode, not the Home screen, so the exposure is limited. Based on the last app, however, your privacy and security can be compromised.
Apple will no doubt patch this exploit as soon as they can. In the meantime, how can you protect against it?
- Disable Control Center from the Lock screen. (I keep this disabled permanently, I never want someone to be able to put my phone in Airplane mode without the Passcode or Touch ID.)
What if, for some reason, you don't want to disable Control Center?
Or, more specifically:
If even that is too much for you:
- Make sure you never leave your iPhone in Airplane mode and always go to Home screen before locking your iPhone.
If the Home screen (SpringBoard) is the last thing in the foreground, the exploit simply doesn't work.
Usually Lock screen bypasses are limited to system apps whose contents are left unlocked to support certain convenience-based features from the lock screen. i.e. - it makes sense that lock screen bypasses in the past gave an attacker access to Contacts, because you can receive calls while on the lock screen, and caller information is shown. In this case it's unclear why the contents of the last foregrounded app are unencrypted.
Again, Apple's security team is top notch and they're usually quick to patch exploits, so until they do make sure you take steps to protect yourself and your data, and if you have any questions, ask away!
Nick Arnott contributed to this article
Get the best of iMore in in your inbox, every day!
Rene Ritchie is one of the most respected Apple analysts in the business, reaching a combined audience of over 40 million readers a month. His YouTube channel, Vector, has over 90 thousand subscribers and 14 million views and his podcasts, including Debug, have been downloaded over 20 million times. He also regularly co-hosts MacBreak Weekly for the TWiT network and co-hosted CES Live! and Talk Mobile. Based in Montreal, Rene is a former director of product marketing, web developer, and graphic designer. He's authored several books and appeared on numerous television and radio segments to discuss Apple and the technology industry. When not working, he likes to cook, grapple, and spend time with his friends and family.
I turned off the Control Center on the Lock Screen because if someone steals my phone, they could simply put it in airplane mode and I wouldn't be able to remote wipe it.
They just need to remove airplane mode as an option while in the lock screen.
They need to remove everything in the lock screen mode. No camera, or anything else. You lock it, and can only unlock it. It may be inconvenient, but that should be the purpose of a lock screen. When you start adding too many things, even if you can turn them off, there will always be a way to exploit it.
@ Glen Russ: So, the entire phone should be designed for paranoid people who work in the CIA or NSA or something, instead of designing it for normal folks. Got it.
"Again, Apple's security team is top notch..." It is? So, why are we seeing these elementary security wrecks foundering one after another? I rather think Apple, who lacks the security culture and history present at some other companies, simply do not take security very seriously because they never before had to. Microsoft, in contrast, had to learn this stuff the hard way. Apple seem to be following the same path.
I wouldn't classify this as an "elementary school wreck". It's a minor bug that only gives one access to an app (maybe) that requires one to have access to the phone.
It's because Apple is soooooo dooooomed!
You are exaggerating. This bug is so minor it's not even really right to call it an exploit. The conditions that have to be met for it to work are unlikely and generally an exploit is something that can be done without physical access. To characterise this as a serious security "wreck" is just ridiculous.
If the iPhone is in Airplane mode, it will go straight to voicemail. Airplane mode turns the cell radio off. When you turn the airplane mode off and try to access the missed phone call, you will be required to enter your password.
So after all the bashing of android and how "not secure it is" this is funny these exploits continue popping up after apple "patches" them. You shouldn't have to disable something to not have to worry. Not sure why this is so hard for apple to fix... Sent from the iMore App
Meh. How are things, malware-wise, on Android these days?
Still the king of mobile malware?
Yeah. Thought so.
Ha typical fanboy response. I use an iPhone, it's just funny how secure apple and IOS are supposed to be yet this is like the 5-6 lock screen vulnerability. But running and installing apps from shady places is so much easier than a lock screen vulnerability.... Sent from the iMore App
You'd have to be seriously paranoid to "worry" about this at all. The chances of it affecting anyone are tiny at best.
This would be a real rarity for someone to make this happen.
I have a common spence solution to the "problem". I NEVER allow other people to even touch my phone. Why should I? They likely have one of their own already so they don't need mine. And if they don't have one, why not? Not mooching of mine. And not malware-infecting it either.
Prevention first. Sent from the iMore App
I doubt someone you would let use your phone would be the ones to do this. All that does no good if you lose your phone or it gets stolen.... Sent from the iMore App
They should at-least remove the camera app from the Lock-Screen Control Centre. There already is a way to access the camera on the Lock-Screen before Control Centre was added.
Thank you for signing up to iMore. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.