It appears yet another lockscreen iOS 6.1 security bug has been discovered which gives a potential hacker/terrible friend access to contacts, photos and a whole lot more. This exploit is much like the previous bug Apple fixed, however it apparently gives access to more user data when the phone is plugged into a computer. The original lockscreen bug found on iOS 6.1 did not allow the same access.
A few hours ago we posted about how iOS 6.1.3 will indeed patch the jailbreak exploit; it is assumed iOS 6.1.3 will also fix this security bug. It's almost too perfect for Apple - they waited to fix this bug until they could also patch the jailbreak, thus making many users consider the update. I however will not.
While we do not encourage anyone to use this exploit for terrible reasons, here is a breakdown of how it works.
- Ensure there is a passcode enabled (obvious) and then lock your device by pressing the sleep / wake button.
- Wake the device by tapping the home or sleep button.
- Tap the Emergency Call button on the virtual keyboard.
- Dial 911 or another emergency call number like 110 or 112 and then IMMEDIATELY hang up the call.
- With the call canceled, hit the sleep / wake button to once again put your device in sleep mode, wake it up and then Slide To Unlock.
- Now the trickiest part, hold down the sleep / wake button for about 3 seconds and just before the Slide To Power Off window appears tap the Emergency Call Button (while still keep your finger on the sleep / wake button).
- Keep holding the sleep / wake button and you have gained access to the phone app and if plugged in via USB all personal information.