Apple recently released iOS 6.1.3 which included a fix for the passcode bypass bug that would allow an unauthorized person to access the Phone app on a locked iPhone. One day after the update, however, Matthew Panzarino of The Next Web is reporting that a new bypass bug has been discovered, this time by videosdebarraquito.
The passcode bypass in the previous versions of iOS 6 required a series of well-timed taps and button presses. The result was full access to the Phone app on a locked device without entering the passcode. This new bug (not quite new, it seems to have existed prior to iOS 6.1.3) requires a sequence that’s a little easier to execute as can be seen in this video. For some reason, this bypass seems to to be more difficult to accomplish on newer, Siri-capable devices.
The bypass can be achieved using the iPhone’s Voice Dial feature. By holding the Home button on a device for a few seconds, the Voice Dial feature will come up. Issue a dial command such as “Dial 303-555-1212”, then as the call is being initiated, eject the SIM card. The iPhone detects the SIM has been removed, cancels the call, and displays an alert saying there is no SIM. Behind the alert you will see the Phone app and after dismissing the alert, you will have full access to the Phone app. As before this means you can access contact information as well as all photos on the device.
Initially thought to only be possible on non-Siri phones, reports are now coming in of this bypass being performed on the iPhone 4S and 5 as well, though it doesn’t seem to be as easily reproducible on these devices. Performing the bypass on these devices devices would also require Siri to be disabled and Voice Dial to be enabled.
Unlike the previous bug, this bypass can also easily be prevented by disabling Voice Dial. This can be done in the iPhone’s Settings app, under General > Passcode Lock, by turning the Voice Dial switch to off. With the way Apple has been handling these so far, it would not be surprising to see this fixed in a 6.1.4 update.
Update: Article update with more information on the scope of the vulnerability.
We may earn a commission for purchases using our links. Learn more.
IK Multimedia's Safe Spacer: A discrete social distancing monitor
The new Safe Spacer from IK Multimedia looks like an Apple Watch and can be worn by anyone to measure social distancing, alerting users if they get too close together.
Apple releases the first public beta of watchOS 7.1
Apple has released beta 1 of watchOS 7.1 for its public beta testers. Here's how to download it.
Ted Lasso's AFC Richmond has a Twitter account and now you know it exists
"Ted Lasso" is an Apple TV+ show that's taken social media by storm. So it stands to reason that Lasso's team is doing the same.
These HomeKit accessories won't upset your landlord
Just because you rent your home, doesn't mean it has to be dumb! You can still deck out your HomeKit with these accessories.