Even with the latest iOS 12 update, your iPhone"s lockscreen is unsafe
Once again, a way of bypassing the iPhone’s passcode lock to expose users’ photos and contacts has been discovered.
Jose Rodriguez, who has uncovered vulnerabilities in iOS’s lock screen security on a number of occasions in the past, has produced a video demonstrating an (admittedly convoluted) way of accessing information on locked iOS devices that really should be out of bounds.
In a Spanish-language YouTube video published last week, Rodriguez revealed how it is possible for an attacker who has physical access to an iPhone running iOS 12 to partially unlock its contents, provided that Siri is enabled, and Face ID is either disabled or physically covered.
The complex, 37-step procedure exploits Siri and iOS’s VoiceOver accessibility feature to bypass a locked iPhone’s passcode check.
It did not take long for an English-speaking YouTuber to produce a video demonstrating the same technique on the iPhone XS Max, and crediting Rodriguez for the discovery.
Over the years there have been an embarrassing number of passcode bypass flaws found in iOS. It’s clear that, despite all of the incidents, Apple still hasn’t managed to properly secure its devices from attacks like this.
Watching the video, it’s clear that it’s quite a parlarver to go through the process of bypassing somebody’s passcode lock – but if you were determined enough (perhaps you wanted to spy on your suspicious partner’s activities?) you may well be prepared to go through with it.
Locked should mean really locked, and yet time and time again bypasses have been found which have shown that Apple’s security is not as tight as it should be.
If you worry that your supposedly locked iPhone might be vulnerable to future flaws then my advice is that you can increase your security by permanently disabling Siri from the lock screen.
To do that, go to Settings / Touch ID & Passcode, scroll down to the “Allow access when locked” section and ensure that Siri is disabled.
Yes, that might make your phone slightly less convenient. But security matters, right?
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US
July 16, 2021
How to protect yourself against cyberstalking
July 06, 2021
The Top Five Security Risks Smartphone Users Face Today
July 02, 2021
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials
July 02, 2021
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger
June 30, 2021
Mobile security threats: reality or myth?
June 13, 2021
FOLLOW US ON
You might also like
July 23, 2021
July 22, 2021
July 20, 2021