"The discovery was made by Jose Rodriguez, a soldier in Spain’s Canary Islands, who has a history of discovering these tricky bypass methods. His secret? Plenty of time waiting in cars in his former job as a driver for government officials."
I love that. It's not a 'security researcher', it's just some guy messing around with his phone.
There's so much happening and accessible on a "locked" iPhone that it's not surprising something may go wrong. Securing a phone that can't do anything when locked would be much easier.
I don't know about shady, I just know a lot of people don't care for them or the way they present things. I'd also just read the Forbe's article and then clicked through to techcrunch and realized that's what they were reporting from.
In iOS 6, the default configuration allowed anyone to send texts (and I think emails) from your accounts by dictating them to Siri through the lock screen.
No one seemed to think this was a big deal, but there was certainly potential for abuse. Security of incoming texts is more important, but being able to send a fraudulent iMessage is definitely a problem for kids who like messing with each other's emotions...
To clarify: this doesn't actually give anyone free access to your phone. As near as I can tell, all it lets them do is access your camera roll, and share items from it using the share panel. They can also see what your recent apps list is, but they can't actually access any of them (besides the camera).
That has nothing to do with Firefox properly downloading files. Your link has to do with a security bulletin regarding out of date Android devices being vulnerable to attacks.
Totally, but in a comparison of vulnerabilities it is much different to compare flaws in apps versus the default software included in the system. The former is a vulnerability to a very small percentage of users whereas the latter applies to literally every device. It also relies heavily on the App store acceptance policies, the ability to install apps not through the app store, and the competence of the developers making those apps.
At least the iOS7 lock screen seems useful. The #1 use of my phone is as a music player. Android somehow thinks it should only show media controls while I'm playing music, and for a minute or two after I put it on pause. FFS, just make my entire music library accessible and always on the lock screen.
Between that, and having maps auto-unlock if you're in nav-mode -- that'd solve about every dangerous car-phone situation I run into.
The "Navigation" app has always been part of Maps, specifically the turn-by-turn navigation features. This hasn't changed with the latest Maps. In this turn-by-turn navigation mode, the screen stays on, just like older versions.
Yes, I'm well aware that it has always been part of maps.
I was merely addressing this, hopefully to avoid confusion for those who might not understand where the "Navigation" icon went.
"Note that this vulnerability is incredibly easy to prevent for now. Just visit Settings>Control Center and toggle off ‘Access on Lock Screen’ to patch it up."
I tried numerous times with iPhone5 on iOS7 and I can't reproduce it. I wonder what the timing issue is. I tried immieately double-pressing home after cancelling the poweroff, and then delaying it. Nothing worked.
My passcode lock is set to immediately. After changing it to "5 min" it worked. Changing it back made it impossible again. So that's another way to avoid the vulnerability (along with turning off control center access from lockscreen).
Regardless, I'm sure this'll be fixed shortly and glad this guy found the vulnerability so soon!
This is odd, you say setting passcode lock to "5 min" worked but "immediate" didn't. Someone else said the exact opposite. I've tried both with no luck. In the video the person appears to also hold the "home" key while cancelling (or a just tap split second prior, maybe?), too but no mention is made of this.
Not that it matters to the resolution of the vulnerability - I'm sure Apple will be in a position to repro and fix it - but I wish for the sake of my own curiousity that these things are described in more detail.
Tried this with both "immediately" and 15 min on iPad Mini. Reproduced it every time.
As a side note, one can use this bug to access contacts list and send email on behalf of the owner (via share menu in photo stream).
Edit:
Just found out that I can tweet, post to facebook and send email just by using Siri (if that setting is enabled). Although, this might be the correct behavior.
I think these "vulnerabilities" are silly. The lockscreen on the phone is the equivalent of a screen door: it's meant to keep the bugs out, and to signal to the outside world, "Hey, this is a closed door, behave appropriately." But no one is going to be surprised if burglars are able to get past it.
Do you have a password protected computer? Like a computer, a phone can have sensitive information. For many, such as my wife and sister, a phone is their computer. They put everything on it. A lock screen is a no different than any other password prompt you encounter. They're passwords. Passwords are not silly.
> If someone gets physical access to a device, it is compromised.
This is the same with your computer. What's your point? Do you have no private information?
(Don't say "everything's encrypted": it's the same with passworded iPhones, and again: same issue with your PC. There are numerous simple hardware compromises like keyloggers, or removing and chilling RAM to get keys unencrypted from memory, etc)
My point was that it is the same with my computer, hence I don't bother with login passwords for either. If you get physical access to either, they are compromised. The veneer of security that a login password for my phone or computer provides is not worth the many times a day hassle of providing it.
Note that this is distinct from the login password to something remote.
Okay, fair enough. I quite understand where you're coming from. Good on you for practising what you preach!
Personally, I appreciate the simple deterrent passwords have provided. :-)
If someone gets physical access to the phone, most data is certainly compromised. But there is still value in a passcode, as the system/apps on an iPhone can store the most valuable data (e.g. saved passwords) encrypted using the passcode as the key. Without a passcode losing your phone means immediately losing the keys to your entire online kingdom. Especially if you have email credentials set up. (Even if you have been using a passcode when you lose your phone you should still change your credentials, but in the meantime it is much less likely that your accounts are compromised.)
It doesn't have to be a screen door, and as far as I understand, it's not intended to be with iOS 7. The phone will not let you sync with an unrecognized external device unless you unlock it, and will stop you from brute forcing the passphrase, as well. Unless you physically take apart the device to remove the flash storage, I don't think there's a way to access the photos on it.
Impossible, Apple releases beautiful features that are flawless and have turned this phone into the Samsung and Android killer that everyone was waiting for. It's 64 bit!
I can see how reproducing could potentially be tricky for some, that said, I was able to reproduce this almost instantly. I wonder if I should bother restoring back prior to iOS 7 or just wait for the patch? Hmmm....
I love that. It's not a 'security researcher', it's just some guy messing around with his phone.