Results 1 to 15 of 15

Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.


Thread: Apple to Release an iOS Software Update to Fix iOS 6.1 Lock Screen Security Issue

  1. #1
    Default Apple to Release an iOS Software Update to Fix iOS 6.1 Lock Screen Security Issue


    If you’re on iOS 6.1, and you use a passcode, then you might not really be fully protected by the passcode.

    JailbreakNation yesterday posted a guide on how to circumvent the passcode on the lock screen and get into the iOS device's Phone application. The person exploiting the vulnerability will have full access to the Phone application, including contacts, recent calls, voicemail, photos, and more.

    According to AllThingsD, Apple Thursday acknowledged the security hole and says that it will be fixed in a future software update. It is not known if the security hole will come as a hot-fix like iOS 6.1.1 on the iPhone 4S, or if the fix will come in the upcoming iOS software update that was once called iOS 6.1.1 beta and will be renamed because of iOS 6.1.1 coming out to the public on the iPhone 4S.

    According to the Apple spokeswoman that talked to AllThingsD:

    "Apple takes user security very seriously. We are aware of this issue, and will deliver a fix in a future software update."
    Since the security issue is pretty big, it's understandable that many people might feel like they need to update their iOS firmware when the software update is released to protect their privacy and security. For those that don't even use a passcode, the update will be negligible.

    It isn't known if the upcoming software update will be vulnerable to the evasi0n jailbreak, so if you rely on a jailbreak, you might want to sit tight and just keep your eye on your iPhone the old-fashioned way – ultimately, it's up to you to pick between a jailbreak or patching a major security hole.

    If we're lucky, Apple will release another iOS 6.1.1-like hot-patch that will still be vulnerable to the evasi0n jailbreak.

    Sources: AllThingsD
    Last edited by Anthony Bouchard; 02-14-2013 at 03:34 PM.

  2. #2
    My iPhone is a Part of Me bmwraw8482's Avatar
    Join Date
    Mar 2011
    Location
    Virginia
    Posts
    582
    Thanks
    8
    Thanked 88 Times in 57 Posts

    I can't get it to work on my iPhone 5 (32gb Verizon, ios6.1 evasi0n). All I get is a blank black screen with a status bar on top... I'm actually kinda disappointed. Lol

    Was it cuz I'm too chicken to dial 911? I used 112 like in the video...
    Last edited by bmwraw8482; 02-14-2013 at 03:38 PM.

  3. #3
    One and 1/2 words, "AndroidLock XT" and a pass-code. Sayin...

  4. #4
    Quote Originally Posted by Lohand View Post
    One and 1/2 words, "AndroidLock XT" and a pass-code. Sayin...
    Applocker from Cydia - **** a lockscreen

    Apple finds any reason to patch a JB! Ugh

  5. The Following User Says Thank You to Adrian97c For This Useful Post:

    Jj2345 (02-14-2013)

  6. #5
    igotya is also a fix, I read. You just disable power down from lock screen.

  7. #6
    Saying "ultimately, it's up to you to pick between a jailbreak or patching a major security hole" isn't quite true for jailbreakers. Jailbreakers have the ability to tweak the lockscreen and/or power-off features ;-) Lohand points out one possible option with Android Lock. I've not tested Android Lock, but I can confirm IGotYa's no-power-off feature fixes the security hole.

    Update: Spoke too soon. It looks like IGotYa alone isn't enough - it prevents power-down from lock screen, but not from the emergency call screen. Makes the hack harder, but not impossible.
    Last edited by csglinux; 02-14-2013 at 06:28 PM.

  8. #7
    Quote Originally Posted by Adrian97c View Post
    Applocker from Cydia - **** a lockscreen

    Apple finds any reason to patch a JB! Ugh
    Lmao!!! Amen!!!

  9. #8
    Cant get it to work, UK iPhone 5 32gb ios6.1 jailbroken

  10. #9
    Livin the iPhone Life Carvensno's Avatar
    Join Date
    Oct 2010
    Location
    Fresno, Calli
    Posts
    2,013
    Thanks
    2,650
    Thanked 1,756 Times in 753 Posts

    Lockcode???? who the hell needs that? LMAO i have my phone in my pocket or in front or by me at all times. Sorry but if im spending 400 on a phone? i sure in hell am going to know where it is at all times!!!

  11. #10
    Quote Originally Posted by Adrian97c View Post
    Applocker from Cydia - **** a lockscreen

    Apple finds any reason to patch a JB! Ugh
    Using the lockscreen ensures your most sensitive data is encrypted so no one can fetch it without the code.
    Applocker or apps in general that block custom apps don't do this. Not to mention they only work as long as MobileSubstrate is running - which means booting the phone holding the Volume Up key or having MS crash would essentially kill all sensitive info protection you have.

    Might as well set up a phone PIN just in case. But that doesn't provide the real benefits of a lockscreen.

  12. #11
    iPhone? More like MyPhone
    Join Date
    Oct 2009
    Location
    Newnan, GA, USA
    Posts
    163
    Thanks
    2
    Thanked 4 Times in 4 Posts

    Quote Originally Posted by Leonnears View Post
    Using the lockscreen ensures your most sensitive data is encrypted so no one can fetch it without the code.
    Applocker or apps in general that block custom apps don't do this. Not to mention they only work as long as MobileSubstrate is running - which means booting the phone holding the Volume Up key or having MS crash would essentially kill all sensitive info protection you have.

    Might as well set up a phone PIN just in case. But that doesn't provide the real benefits of a lockscreen.
    I don't think the PIN encrypts anything. A common method for bypassing the PIN is to make an unencrypted backup, unzip it, change or remove the PIN by editing a file, re-zip it, then restore the backup. NOTE: I'm not sure if that actually still works.

  13. #12
    Quote Originally Posted by Shigoroku View Post
    I don't think the PIN encrypts anything. A common method for bypassing the PIN is to make an unencrypted backup, unzip it, change or remove the PIN by editing a file, re-zip it, then restore the backup. NOTE: I'm not sure if that actually still works.
    Exactly. The PIN doesn't encrypt anything, hence why I said it doesn't offer the benefits of a real lockscreen.

    BUT, if you have friends who actually know you can disable MobileSubstrate tweaks while holding Volume + Up when booting the phone, the PIN may be the only thing that prevents them from seeing things you don't want them to see. If you don't use any other protection other than Cydia apps, everything in your iDevice is exposed.

    Though to be honest I'm not sure how the PIN works on iPhone. Is it like in a "normal" phone in which you need it to boot it up? If that's the case, then yeah, at least your secret Valentine's photos will be safe. :P

  14. #13
    What about using NOPOWERDOWN to just see that you can't reboot after its locked. That and ANDROIDLOCK XT seems to work. Right ?

  15. #14
    iPhone? More like MyPhone Colin9001's Avatar
    Join Date
    Jan 2011
    Location
    New York
    Posts
    170
    Thanks
    0
    Thanked 9 Times in 9 Posts

    I just want my battery fixed

  16. #15
    Sorry if I'm not following along. But are lettered passcodes vulnerable?

Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •