iOS 6.1.2 Lockscreen Exploit Found - Not the Good One Either

[Nick Hesson]

It appears yet another lockscreen iOS 6.1 security bug has been discovered which gives a potential hacker/terrible friend access to contacts, photos and a whole lot more. This exploit is much like the previous bug Apple fixed, however it apparently gives access to more user data when the phone is plugged into a computer. The original lockscreen bug found on iOS 6.1 did not allow the same access.

A few hours ago we posted about how iOS 6.1.3 will indeed patch the jailbreak exploit; it is assumed iOS 6.1.3 will also fix this security bug. It's almost too perfect for Apple - they waited to fix this bug until they could also patch the jailbreak, thus making many users consider the update. I however will not.

While we do not encourage anyone to use this exploit for terrible reasons, here is a breakdown of how it works.

1. Ensure there is a passcode enabled (obvious) and then lock your device by pressing the sleep / wake button.
2. Wake the device by tapping the home or sleep button.
3. Tap the Emergency Call button on the virtual keyboard.
4. Dial 911 or another emergency call number like 110 or 112 and then IMMEDIATELY hang up the call.
5. With the call canceled, hit the sleep / wake button to once again put your device in sleep mode, wake it up and then Slide To Unlock.
6. Now the trickiest part, hold down the sleep / wake button for about 3 seconds and just before the Slide To Power Off window appears tap the Emergency Call Button (while still keep your finger on the sleep / wake button).
7. Keep holding the sleep / wake button and you have gained access to the phone app and if plugged in via USB all personal information.

UPDATE:

Anyone with a jailbroken iPhone can install 'disableEmergency' from the cydia store. It's free and allows you to disable the emergency dial function from the iphone. In an emergency you could technically still use siri. This technically should protect you from this vulnerability.

[Silverado1987]

Sooooo you just gave everyone a tutorial on how to access someone's iPhone?
Regardless. Probably better if it weren't there

[rvance]

Sooooo you just gave everyone a tutorial on how to access someone's iPhone?
Regardless. Probably better if it weren't there

Exactly!!! You can keep that to yourself. I mean unless your a damn super geek, who the hell is going to do that to get in the phone?! Some of the these topics are just too funny:-D

[Carvensno]

Who in hell had time to figure out that $yht??? LMAO my god someone had to much time on there hands to figure that out!!

[Silverado1987]

Who in hell had time to figure out that $yht??? LMAO my god someone had to much time on there hands to figure that out!!

I know right. Who went through so many combinations as far as to call 911 and hang up like wtf lol

[exNavy]

Stupid. Calling 911 and hanging up gets a cop at your door to make sure you are ok. Speaking as a former dispatcher I can locate the exact house you are in.

[vinaygoel2000]

I wouldn't even know what to do if I had someone's SSN.

[steve-z17]

Who in hell had time to figure out that $yht??? LMAO my god someone had to much time on there hands to figure that out!!

Lol! That's what I want to know! Who sat around diddling on their phone pushing all these buttons in that sequence?!? Sounds like a bit of work to get into someone's phone to get some pics or contacts...but that's just me!

[iM1sf1t]

In doing this, you cancel the call before it actually sends the call so there is no call to 911 that can be traced... Also, I doubt that anyone sat around trying combinations long enough to find something that would work like this. Most exploits found in an operating system have corresponding input commands that replicate the vulnerability on the device... Unless I've just been imagining things.

[Outrager]

Stupid. Calling 911 and hanging up gets a cop at your door to make sure you are ok. Speaking as a former dispatcher I can locate the exact house you are in.

Since it's a cellphone, couldn't you do it in a public area then just walk away when you're finished? It seems to only take a few minutes. You can use a laptop as the PC you connect to. Then just copy everything while on the go. Will the police continue tracking someone on the move?

[pakitos]

Since it's a cellphone, couldn't you do it in a public area then just walk away when you're finished? It seems to only take a few minutes. You can use a laptop as the PC you connect to. Then just copy everything while on the go. Will the police continue tracking someone on the move?

Arent your phone numbers over there registered under your names?

[Outrager]

Arent your phone numbers over there registered under your names?

I assume someone doing this isn't trying to break into their own phone. That's just silly. It would be someone else's phone and they have no phone to get contacted on.

[drgonz0]

Anyone with a jailbroken iPhone can install 'disableEmergency' from the cydia store. It's free and allows you to disable the emergency dial function from the iphone. In an emergency you could technically still use siri. This technically should protect you from this vulnerability.

Who in hell had time to figure out that $yht??? LMAO my god someone had to much time on there hands to figure that out!!

If someone with ill intentions got ahold of the right phone. There's a profitable upside to this. It's a big risk.

[Jahooba]

It's almost too perfect for Apple - they waited to fix this bug until they could also patch the jailbreak, thus making many users consider the update.

That's interesting - you think Apple is intentionally creating security holes in order to dissuade jailbreakers?

Regardless, if Apple ever wants to add RFID "virtual wallet" payments to the iPhone, they'll have to make the lockscreen far more secure.

This bug probably isn't in my iPod Touch - there's no phone!

[sheon]

im still on 6.1 been to lazy to update but thanks for this info i installed disableemergency so no more worries now all they need to do is make a way to diable dfu mode so if anyone steals the iPhone its useless unless u know the password

[stolenpentium]

im still on 6.1 been to lazy to update but thanks for this info i installed disableemergency so no more worries now all they need to do is make a way to diable dfu mode so if anyone steals the iPhone its useless unless u know the password

Watch what you wish for

[pakitos]

I dont think theres a way to disable DFU mode.

[radioBirdman]

My phone is either in my pocket, in my/my kid's hand or on my desk (work & home) pretty much all the time. I don't even run a passcode.
And I'd like to think if I lost my phone it might be returned by someone accessing my contacts and calling an obvious number like "me (work)" or "Mum" or something. If it's locked, whoever finds it can't do that.

[mirilopr]

My phone is either in my pocket, in my/my kid's hand or on my desk (work & home) pretty much all the time. I don't even run a passcode.
And I'd like to think if I lost my phone it might be returned by someone accessing my contacts and calling an obvious number like "me (work)" or "Mum" or something. If it's locked, whoever finds it can't do that.

Ja. That might be true of old times, when a cellphone was only good for calling or texting. But an someone returning an iphone??? Long chance...

[WithinTemptationFan]

If you lose your iPhone in a public area,you can kiss that phone goodbye because I highly doubt the person who finds it and takes it will return it to you. It's messed, but that's how it is now.