Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

S1RiOS

macrumors newbie
Original poster
Jan 16, 2013
7
0
I doubt there was a real flaw, probably a kid trying to get attention/troll.

No tangible information was given and he was sketchy about the topic.

I could be wrong though.
Nooo friends, this Issue will be published on Friday, February 1.
A friend of mine explained in video.
iOS 6.1 Golden Master (final)
Impact: A person with physical access to a locked device may perform any calls.
Description: I think a issue existed in the Emergency Dialer access, which permitted calls via numeric keypad on the locked device. This also discloses the user's contacts, recents calls, favorites, voice mail.... via Phone app.
 

falterego

macrumors 6502
Dec 28, 2008
280
0
Southern California
I agree,

That is a huge security flaw, it really makes Find my iPhone pointless... Hope Apple changes that in the future. Also it would be cool if you could password protect only certain apps. For example password protect settings to Find my iPhone can't be turned off, by keep the iPhone itself without a pin code, so it's faster to unlock and stuff. Also, have a pin code to turn off the device...

Pietro

Settings > General > Restrictions

Lock down location services and accounts.
 

C DM

macrumors Sandy Bridge
Oct 17, 2011
51,390
19,458
Nooo friends, this Issue will be published on Friday, February 1.
A friend of mine explained in video.
iOS 6.1 Golden Master (final)
Impact: A person with physical access to a locked device may perform any calls.
Description: I think a issue existed in the Emergency Dialer access, which permitted calls via numeric keypad on the locked device. This also discloses the user's contacts, recents calls, favorites, voice mail.... via Phone app.
Let us know when it's published so that we can hopefully look into what it is and what it involves.
 

C DM

macrumors Sandy Bridge
Oct 17, 2011
51,390
19,458
I searched again. Here's the YouTube video on how to bypass the passcode and I was able to do it on my iPhone 5 iOS 6.1. Sorry OP, couldn't wait until tomorrow. :p
Well, what do you know, it's a bit of an awkward procedure to follow (at least initially), but it does seem to give you access to the full phone app on the phone even though its locked. Interesting what will happen with this and, unless there's some good explanation behind it and/or a reasonable way to disable it from happening, how quickly Apple will get on fixing it.
 

mdlooker

macrumors 65816
Mar 7, 2011
1,227
203
US
There should be some way to lock the sim card to the phone so if it's pulled out, the phone is inoperable. The only way to "unlock" that sim from the phone is from the owner and carrier or maybe only the owner within their account. That way it wouldn't matter if the phone is turned off or sim pulled out or "find my iphone" turned on or off..the phone would render useless. The "find my iphone" or any other, for that matter, would simply give coordinates to where the phone is.
 

scaredpoet

macrumors 604
Apr 6, 2007
6,627
342
I searched again. Here's the YouTube video on how to bypass the passcode and I was able to do it on my iPhone 5 iOS 6.1. Sorry OP, couldn't wait until tomorrow. :p

Do you have a simple passcode on your phone?

I've been unable to do it on mine, but I have simple passcode turned off. Not sure if it's because of that, or I'm just not doing it right. mine very briefly shows a keypad and then sidescrolls back to the lock screen.

EDIT: Tried again and got a bit closer this time. I was able t get to a black screen with a light blue status bar at top, but couldn't do anything with it.
 
Last edited:

scaredpoet

macrumors 604
Apr 6, 2007
6,627
342
The only real security flaw is when someone else but me has access to or is in possession of my phone.

If this was such a non-issue, then there would be no need for passcode locks at all. But the reality is, thefts and attempts at unauthorized data retrieval happen all the time, both because iPhones are desirable devices, and because people store desirable data on them.

So yeah, this could be a big deal.
 

thekb

macrumors 6502a
May 8, 2010
629
23
Find my iPhone is really a mess. It needs these two fixes.

1) It should have been integrated into the ios like the weather app or any of the others, that way it could not be removed and it should have no Off mode, that should be something that can only be done on the net when you log into the account.

2) It should have worked with the phones serial number or CID so that once you register it the phone remains trackable by you and only you, unless you decide to login into Apple and release the number when your selling or giving away the phone.

If those two things where done it would not matter what the thief did because sooner or later he will have a Sim in the phone or wifi connected and Pow you know exactly where he is and if you can't get your phone back because he's in Nigeria, etc. You will still be able to remotely wipe his phone every week or so just to piss him off.



These are indeed awesome ideas ... but it assumes that Apple wants to find a way to prevent theft of iphones. Reselling iphones to people is a huge moneymaker for them.

But I do give thumbs up for excellent ideas.
 

Hephaestus

macrumors 6502
Apr 4, 2010
356
13
How exactly is that a major security flaw? So they have access to the phone? I think a larger flaw is being able to turn off the phone when locked, therefore Find My iPhone does not work and the potential for it to be restored and never found.

That's actually a very good point which never even occurred to me. Apple should definitely look at that!
 

C DM

macrumors Sandy Bridge
Oct 17, 2011
51,390
19,458
I searched again. Here's the YouTube video on how to bypass the passcode and I was able to do it on my iPhone 5 iOS 6.1. Sorry OP, couldn't wait until tomorrow. :p
I wonder if this is still present with iOS 6.1.1 (either the beta that was released or the new official version that was released for iPhone 4S only just today).
 

Bahroo

macrumors 68000
Jul 21, 2012
1,860
2
I guess the TC really knew the lockcode glitch that is popping up in the news today.
 

bonskovsky

macrumors 6502
Dec 31, 2012
453
2
this security issue is real #whoknew

This simple and easy to pull off trick allows for an attacker to bypass an iPhone's pass code and obtain full access (see and edit) to contacts list, list of recent calls, favorite contacts, and even make a call to any phone number on the hacked device and erase the log.
Should I shut up? or should I publish the trick for the iPhone users are prevented?

this guy was serious. #whoknew

now if only they'd address the widespread YouTube issue.:apple:
 

C DM

macrumors Sandy Bridge
Oct 17, 2011
51,390
19,458
this security issue is real #whoknew



this guy was serious. #whoknew

now if only they'd address the widespread YouTube issue.:apple:
Unrelated to the topic here, but they'll make sure to address the YouTube issue by not addressing it since neither widespread nor real. :apple:
 

Bahroo

macrumors 68000
Jul 21, 2012
1,860
2
Apple will release a update to fix the Exchange bug and this lockscreen glitch in a week or less
 

MN7119

macrumors 6502
Mar 7, 2011
486
564
I also discovered a bad one. When someone calls me my iPhone rings. Should I contact Apple? :eek:
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.