New Lockscreen Bypass in iOS 6.1
In a vulnerability that’s quite similar to one in iOS 4.1 a couple years ago, another lockscreen bypass has been discovered in iOS 6.1 which allows someone with physical access to your iPhone to make calls, view and modify your contacts, send an email to your contacts, listen to your voicemail, and access your photos (by attempting to add one of these to a contact).
The method for this bypass is fairly simple (see the video below for it in action):
- Swipe to unlock and then tap Emergency Call
- Make an emergency call (eg. 112/911) and immediately cancel it (please don’t unnecessarily call the emergency services ;)
- Press the power button twice
- Slide to unlock
- Hold down the power button for a couple seconds and then tap Emergency Call again.
- …
- Profit!
I should point out that this doesn’t seem to work on my iPhone 4 for some reason. Something does happen, but I just get a black screen until I press something whereupon I’m booted back to the lock screen.
Thanks for the post.
It always gets me how simple some of these exploites are and how easy (for a programmer anyway) it would be to fix this. I wish they would beta the hardware and software with security experts first before general launch, this would likely result in alot fewer problems like this.
Hi Mike,
Thanks for your comment. It’s true that it’s surprising how simple these seem sometimes. But in reality they’re not easy to find. I’m sure Apple has a number of security experts who look at iOS, but this kind of glitch, for a number of reasons, is not something that is easily picked up by those guys.