• Your favorite

    Apple

    ,

    iPhone

    ,

    iPad

    ,

    iOS

    ,
    Jailbreak
    , and
    Cydia
    site.
  • Apple to Release an iOS Software Update to Fix iOS 6.1 Lock Screen Security Issue


    If you’re on iOS 6.1, and you use a passcode, then you might not really be fully protected by the passcode.

    JailbreakNation yesterday posted a guide on how to circumvent the passcode on the lock screen and get into the iOS device's Phone application. The person exploiting the vulnerability will have full access to the Phone application, including contacts, recent calls, voicemail, photos, and more.

    According to AllThingsD, Apple Thursday acknowledged the security hole and says that it will be fixed in a future software update. It is not known if the security hole will come as a hot-fix like iOS 6.1.1 on the iPhone 4S, or if the fix will come in the upcoming iOS software update that was once called iOS 6.1.1 beta and will be renamed because of iOS 6.1.1 coming out to the public on the iPhone 4S.

    According to the Apple spokeswoman that talked to AllThingsD:

    "Apple takes user security very seriously. We are aware of this issue, and will deliver a fix in a future software update."
    Since the security issue is pretty big, it's understandable that many people might feel like they need to update their iOS firmware when the software update is released to protect their privacy and security. For those that don't even use a passcode, the update will be negligible.

    It isn't known if the upcoming software update will be vulnerable to the evasi0n jailbreak, so if you rely on a jailbreak, you might want to sit tight and just keep your eye on your iPhone the old-fashioned way – ultimately, it's up to you to pick between a jailbreak or patching a major security hole.

    If we're lucky, Apple will release another iOS 6.1.1-like hot-patch that will still be vulnerable to the evasi0n jailbreak.

    Sources: AllThingsD
    This article was originally published in forum thread: Apple to Release an iOS Software Update to Fix iOS 6.1 Lock Screen Security Issue started by Anthony Bouchard View original post
    Comments 14 Comments
    1. bmwraw8482's Avatar
      bmwraw8482 -
      I can't get it to work on my iPhone 5 (32gb Verizon, ios6.1 evasi0n). All I get is a blank black screen with a status bar on top... I'm actually kinda disappointed. Lol

      Was it cuz I'm too chicken to dial 911? I used 112 like in the video...
    1. Lohand's Avatar
      Lohand -
      One and 1/2 words, "AndroidLock XT" and a pass-code. Sayin...
    1. Adrian97c's Avatar
      Adrian97c -
      Quote Originally Posted by Lohand View Post
      One and 1/2 words, "AndroidLock XT" and a pass-code. Sayin...
      Applocker from Cydia - **** a lockscreen

      Apple finds any reason to patch a JB! Ugh
    1. novadam's Avatar
      novadam -
      igotya is also a fix, I read. You just disable power down from lock screen.
    1. csglinux's Avatar
      csglinux -
      Saying "ultimately, it's up to you to pick between a jailbreak or patching a major security hole" isn't quite true for jailbreakers. Jailbreakers have the ability to tweak the lockscreen and/or power-off features ;-) Lohand points out one possible option with Android Lock. I've not tested Android Lock, but I can confirm IGotYa's no-power-off feature fixes the security hole.

      Update: Spoke too soon. It looks like IGotYa alone isn't enough - it prevents power-down from lock screen, but not from the emergency call screen. Makes the hack harder, but not impossible.
    1. Jj2345's Avatar
      Jj2345 -
      Quote Originally Posted by Adrian97c View Post
      Applocker from Cydia - **** a lockscreen

      Apple finds any reason to patch a JB! Ugh
      Lmao!!! Amen!!!
    1. rocky5's Avatar
      rocky5 -
      Cant get it to work, UK iPhone 5 32gb ios6.1 jailbroken
    1. Carvensno's Avatar
      Carvensno -
      Lockcode???? who the hell needs that? LMAO i have my phone in my pocket or in front or by me at all times. Sorry but if im spending 400 on a phone? i sure in hell am going to know where it is at all times!!!
    1. Leonnears's Avatar
      Leonnears -
      Quote Originally Posted by Adrian97c View Post
      Applocker from Cydia - **** a lockscreen

      Apple finds any reason to patch a JB! Ugh
      Using the lockscreen ensures your most sensitive data is encrypted so no one can fetch it without the code.
      Applocker or apps in general that block custom apps don't do this. Not to mention they only work as long as MobileSubstrate is running - which means booting the phone holding the Volume Up key or having MS crash would essentially kill all sensitive info protection you have.

      Might as well set up a phone PIN just in case. But that doesn't provide the real benefits of a lockscreen.
    1. Shigoroku's Avatar
      Shigoroku -
      Quote Originally Posted by Leonnears View Post
      Using the lockscreen ensures your most sensitive data is encrypted so no one can fetch it without the code.
      Applocker or apps in general that block custom apps don't do this. Not to mention they only work as long as MobileSubstrate is running - which means booting the phone holding the Volume Up key or having MS crash would essentially kill all sensitive info protection you have.

      Might as well set up a phone PIN just in case. But that doesn't provide the real benefits of a lockscreen.
      I don't think the PIN encrypts anything. A common method for bypassing the PIN is to make an unencrypted backup, unzip it, change or remove the PIN by editing a file, re-zip it, then restore the backup. NOTE: I'm not sure if that actually still works.
    1. Leonnears's Avatar
      Leonnears -
      Quote Originally Posted by Shigoroku View Post
      I don't think the PIN encrypts anything. A common method for bypassing the PIN is to make an unencrypted backup, unzip it, change or remove the PIN by editing a file, re-zip it, then restore the backup. NOTE: I'm not sure if that actually still works.
      Exactly. The PIN doesn't encrypt anything, hence why I said it doesn't offer the benefits of a real lockscreen.

      BUT, if you have friends who actually know you can disable MobileSubstrate tweaks while holding Volume + Up when booting the phone, the PIN may be the only thing that prevents them from seeing things you don't want them to see. If you don't use any other protection other than Cydia apps, everything in your iDevice is exposed.

      Though to be honest I'm not sure how the PIN works on iPhone. Is it like in a "normal" phone in which you need it to boot it up? If that's the case, then yeah, at least your secret Valentine's photos will be safe. :P
    1. offroad1994's Avatar
      offroad1994 -
      What about using NOPOWERDOWN to just see that you can't reboot after its locked. That and ANDROIDLOCK XT seems to work. Right ?
    1. Colin9001's Avatar
      Colin9001 -
      I just want my battery fixed
    1. ThatOneProfile's Avatar
      ThatOneProfile -
      Sorry if I'm not following along. But are lettered passcodes vulnerable?