Quick Apple iOS 7 Beta Bypass

Thursday, June 13, 2013 @ 04:06 PM gHale

It didn’t take long.

An iPhone user in Spain who downloaded the beta version of Apple iOS 7, which came out Monday, was able to bypass its screen-lock security feature.

The revamped mobile operating system unveiled by the Cupertino, CA, technology company last week at its annual World Wide Developers Conference in San Francisco. iOS 7 should release sometime this fall, but the beta has been available all week.

Security Advisories for BlackBerry
Mobile Security Costs Companies
BYOD Dilemma: Risky Apps
Federal Security Guidelines Reworked

Jose Rodriguez recorded a video demonstrating an exploit in which he gains partial access to the phone without having to enter the screen-lock password.

This isn’t the first time Apple dealt with iPhone lockscreen bypass issues. In February, there was a flaw in iOS 6.1 where a user could bypass the screen-lock feature and access the device’s phone feature, view and edit contacts, check voicemail and look through photos. All a user needed to do was make an emergency call, cancel the call, and then trick the device into thinking the user turned it off by holding the lock button twice. Later that same month, researchers found a kernel-glitch in the same version of iOS that could bypass the lock-screen again.

The new operating system offers a substantial redesign with at least two security features. The first is Activation Lock, and its intent is to guard lost and stolen devices against factory resets. Apple’s iOS 5 introduced the iCloud and a feature called Find My iPhone became part of the iOS default installation. It allows users to track down the GPS location of missing devices through the iCloud and perform various functions, like locking a device, remotely wiping it, or causing it to ring and display a customized message.

Problematically, thieves often perform a factory reset on stolen devices (unless they are trying to mine the devices for data), rendering the Find My iPhone feature useless. In iOS 7 however, performing a factory reset is only possible after a user enters their Apple ID and password. The other feature is a sort of password manager called iCloud Keychain and it allows a user to store (in 256-bit AES encryption) and sync passwords and credit card numbers between their various iDevices.

Leave a Reply

You must be logged in to post a comment.