The hacks just keep coming and this time Apple’s iPhone is highlighted. iPhone’s users can have their photos and contacts accessed and the hacker doing so won’t even need the passwords to get to them.
“The vulnerability makes it possible for someone who gets even a brief moment with an iPhone to rifle through contacts and photos without entering the password.”
The report then showed a video of the hack in action as the demonstrator enters the incorrect password four times. On the fifth attempt the hacker has to hold down the home button before the phone auto-locks. The funny part is that Siri is also in on the hack. After bringing up the clock with Siri’s help, the attacker hits the + icon enabling them to have access to iMessage and a few other tools.
“Once in iMessage, the attacker has the ability to read, delete, or add contacts, but there’s also a way to access photos stored on the device by adding a profile. Other parts of the phone remain off-limits, so the bypass is only partial,” according to the report.
Those who are unable to complete the hack might not be hitting the home button in time. There is an element of timing involved which makes the process different for everyone.
“At any rate, the partial bypass hack can be prevented by preventing Siri from being accessed from the lock screen. To do this, access settings, choose Touch ID & Passcode, enter the device password, scroll down to ‘Allow access when locked’ and disable it,” according to Arstechnica.
Read the full story.