Apple fixes iOS lock screen bypass that gives access to photos, contacts

06.04.2016
Apple has reportedly fixed a vulnerability that could have allowed hackers to bypass the passcode on iPhone 6s and 6s Plus running iOS 9.3.1 in order to access the address book and photos.

The bypass technique was discovered by researchers from German security firm Evolution Security and takes advantage of Siri's integration with apps like Twitter or Facebook and the new 3D Touch feature that's only available on the iPhone 6s and 6s Plus models.

On a locked device, attackers can call up Siri and ask to search for items that contain @ tags using Twitter, Facebook or Yahoo. Then they can locate a string like an email address and use the 3D Touch hard push to bring out the context menu for it.

This menu offers the option to add the email address to an existing contact, therefore providing access to the address book. Then the attacker can choose to change the photo for an existing contact, bringing up the photo gallery.

Apple fixed the vulnerability Tuesday without users needing to install a software update, the Washington Post reported.

This is not the first lock screen bypass that has been discovered in iOS. In this particular case the bug only worked for a limited number of iPhone models in specific configurations, but other techniques patched in the past affected a larger number of devices.

Combined with the default encryption provided by iOS, the lock screen is the primary method of ensuring that user data remains protected when a device is stolen, lost or is temporarily in someone else's possession.

Lucian Constantin