Wednesday, 20 February 2013

Security flaw allows snoopers to access locked iPhones - CNN.com

Security flaw allows snoopers to access locked iPhones

Doug Gross, CNN

In a YouTube video, a user shows how a nearby phone can be used to bypass an iPhone password to access limited functions.
In a YouTube video, a user shows how a nearby phone can be used to bypass an iPhone password to access limited functions.
STORY HIGHLIGHTS
  • YouTube video appears to show a way to bypass an iPhone password lock
  • The hack lets someone access your phone, contacts list and listen to messages
  • NEW: Apple says it's aware of the problem and a fix is coming

(CNN) -- The passwords on iPhones can be hacked, giving someone the ability to make calls, listen to your recent messages and tinker with your contact list, according to a new video posted to YouTube.

The apparent security flaw is shown on an iPhone 5 and can be exploited on phones running Apple's iOS 6.1, the most recent version of its mobile operating system, and some earlier versions.

The technique was posted by a Spanish-speaking user with the account name "videosdebarraquito," who has posted other videos that show what appear to be ways to tweak settings on the iPhone. CNN is not linking to the video, which was published January 31 but recently discovered by tech bloggers.

It involves using another phone placed nearby to make a call to the phone, canceling it, then answering with the targeted phone and fiddling with the power button.

Apple CEO remains confident with company

Obama: Apple will make Macs in the U.S.

Mark Cuban not bullish on Apple

According to the user who posted the video, it can't be used to access other parts of the phone. And he urged anyone who used it to play nice.

Use the bypass "to joke with your friends. To do a magic show. To win a harmless bet among friends in a PUB. Perhaps, to retrieve a phone number in case you don't remember the password, or just to be warned that exists," the user wrote.

"Use it as you want, at your own risk, but... please... use responsibly, do not use this trick to do evil !!!"

The company said Thursday that it's at work on the problem.

"Apple takes user security very seriously," said spokeswoman Trudy Muller. "We are aware of this issue, and will deliver a fix in a future software update."

The folks at tech blog The Verge tried out the technique, and said they were also able to access photos on the phone by attempting to add a photo to a contact. They were able to access an iPhone 5 that was running iOS 6.1 in the UK, they said.

Similar bugs have been pointed out in previous versions of Apple's mobile operating system. Usually, the company issues a quick update to fix the problem.

No comments:

Post a Comment