Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

S1RiOS

macrumors newbie
Original poster
Jan 16, 2013
7
0
This simple and easy to pull off trick allows for an attacker to bypass an iPhone's pass code and obtain full access (see and edit) to contacts list, list of recent calls, favorite contacts, and even make a call to any phone number on the hacked device and erase the log.
Should I shut up? or should I publish the trick for the iPhone users are prevented?
 

SandboxGeneral

Moderator emeritus
Sep 8, 2010
26,482
10,050
Detroit
This simple and easy to pull off trick allows for an attacker to bypass an iPhone's pass code and obtain full access (see and edit) to contacts list, list of recent calls, favorite contacts, and even make a call to any phone number on the hacked device and erase the log.
Should I shut up? or should I publish the trick for the iPhone users are prevented?

If you're serious, you should keep it to yourself and notify Apple.
 

Mlrollin91

macrumors G5
Nov 20, 2008
14,119
10,106
This simple and easy to pull off trick allows for an attacker to bypass an iPhone's pass code and obtain full access (see and edit) to contacts list, list of recent calls, favorite contacts, and even make a call to any phone number on the hacked device and erase the log.
Should I shut up? or should I publish the trick for the iPhone users are prevented?

How exactly is that a major security flaw? So they have access to the phone? I think a larger flaw is being able to turn off the phone when locked, therefore Find My iPhone does not work and the potential for it to be restored and never found.
 

r2shyyou

macrumors 68000
Oct 3, 2010
1,758
13
Paris, France
This simple and easy to pull off trick allows for an attacker to bypass an iPhone's pass code and obtain full access (see and edit) to contacts list, list of recent calls, favorite contacts, and even make a call to any phone number on the hacked device and erase the log.
Should I shut up? or should I publish the trick for the iPhone users are prevented?

Since iOS 6.1 is still in beta, you should obviously contact Apple. Relatively few users would be able to take steps to prevent this supposed flaw since relatively few users have 6.1.

If it comes out and the flaw is still present, then you may want to consider publishing it.
 

S1RiOS

macrumors newbie
Original poster
Jan 16, 2013
7
0
Thanks friends, the flaw is also present in iOS 6.0.1 and 6.0.2 I have 10B5126b 6.1 but I'm not developer, I do not know how to inform to Apple, I hope Apple is reading this and contact me.
 

pmontanarella

macrumors 6502
Oct 12, 2012
321
7
Vancouver, Canada
I think a larger flaw is being able to turn off the phone when locked, therefore Find My iPhone does not work and the potential for it to be restored and never found.

I agree,

That is a huge security flaw, it really makes Find my iPhone pointless... Hope Apple changes that in the future. Also it would be cool if you could password protect only certain apps. For example password protect settings to Find my iPhone can't be turned off, by keep the iPhone itself without a pin code, so it's faster to unlock and stuff. Also, have a pin code to turn off the device...

Pietro
 

liteshow

macrumors regular
Sep 20, 2012
239
21
I agree,

That is a huge security flaw, it really makes Find my iPhone pointless... Hope Apple changes that in the future. Also it would be cool if you could password protect only certain apps. For example password protect settings to Find my iPhone can't be turned off, by keep the iPhone itself without a pin code, so it's faster to unlock and stuff. Also, have a pin code to turn off the device...

Pietro

On a related note about find my iphone, doesn't Find my iPhone use cellular data to get it's location? So preventing someone from turning off iphone when locked would be pointless. All the would be thief has to do is pop out the SIM card and the stolen iphone loses connectivity unless the phone is somehow connected via free wifi.
 

pmontanarella

macrumors 6502
Oct 12, 2012
321
7
Vancouver, Canada
On a related note about find my iphone, doesn't Find my iPhone use cellular data to get it's location? So preventing someone from turning off iphone when locked would be pointless. All the would be thief has to do is pop out the SIM card and the stolen iphone loses connectivity unless the phone is somehow connected via free wifi.

Good point, I hadn't considered that

Pietro
 

Mlrollin91

macrumors G5
Nov 20, 2008
14,119
10,106
On a related note about find my iphone, doesn't Find my iPhone use cellular data to get it's location? So preventing someone from turning off iphone when locked would be pointless. All the would be thief has to do is pop out the SIM card and the stolen iphone loses connectivity unless the phone is somehow connected via free wifi.

Never thought about that either. Well it wouldn't be a problem for the CDMA version, but GSM would definitely have a problem. Regardless I feel Apple needs to really address this issue because it really does make Find My iPhone completely pointless if there are so many works around it.
 

S1RiOS

macrumors newbie
Original poster
Jan 16, 2013
7
0
Do you think that to fix it Apple will delay the 6.1 official release? I look forward the new iOS because I read that the untethered jailbreak will come at the same time.
 
Last edited:

robbyg

macrumors newbie
Jan 15, 2013
6
0
Find my iPhone is really a mess. It needs these two fixes.

1) It should have been integrated into the ios like the weather app or any of the others, that way it could not be removed and it should have no Off mode, that should be something that can only be done on the net when you log into the account.

2) It should have worked with the phones serial number or CID so that once you register it the phone remains trackable by you and only you, unless you decide to login into Apple and release the number when your selling or giving away the phone.

If those two things where done it would not matter what the thief did because sooner or later he will have a Sim in the phone or wifi connected and Pow you know exactly where he is and if you can't get your phone back because he's in Nigeria, etc. You will still be able to remotely wipe his phone every week or so just to piss him off.
 

scaredpoet

macrumors 604
Apr 6, 2007
6,627
342
Do you think that to fix it Apple will delay the 6.1 official release? I look forward the new iOS because I read that the untethered jailbreak will come at the same time.

Depends on what the flaw is and whether it lives up to the hype you're giving it.
 

robbyg

macrumors newbie
Jan 15, 2013
6
0
Man I'd torment the thief with this. Go an extra week between wipes to give them false hope and wipe it again. :mad:

Oh it would be so cool to be able to make him miserable, it might make him go out and go after the guy who sold him your phone. At the very least iPhones would become one of the least desirable phones to steal.
 

seble

macrumors 6502a
Sep 6, 2010
972
163
I agree,

That is a huge security flaw, it really makes Find my iPhone pointless... Hope Apple changes that in the future. Also it would be cool if you could password protect only certain apps. For example password protect settings to Find my iPhone can't be turned off, by keep the iPhone itself without a pin code, so it's faster to unlock and stuff. Also, have a pin code to turn off the device...

Pietro

I agree with you about the password thing. I mean heck, the mac is able to ask you for an admin password when another user is logged in and you want to shutdown, so why not require a shutdown passcode for ios devices (make it a voluntary feature of course cause not everyone would want this). Then just make sure that hard reset is only able to restart the phone, that way, it will always be 'on'.
 

wrkactjob

macrumors 65816
Feb 29, 2008
1,357
0
London
This simple and easy to pull off trick allows for an attacker to bypass an iPhone's pass code and obtain full access (see and edit) to contacts list, list of recent calls, favorite contacts, and even make a call to any phone number on the hacked device and erase the log.
Should I shut up? or should I publish the trick for the iPhone users are prevented?

Hay Newbie, you can not be serious!
 

Eric374

macrumors 6502
Sep 25, 2006
432
1
Wichita, Kansas
Never thought about that either. Well it wouldn't be a problem for the CDMA version, but GSM would definitely have a problem. Regardless I feel Apple needs to really address this issue because it really does make Find My iPhone completely pointless if there are so many works around it.

Pop out the sim on my Verizon 5 and I get a big "NO SERVICE", so CDMA doesn't matter either.
 

C DM

macrumors Sandy Bridge
Oct 17, 2011
51,390
19,458
This simple and easy to pull off trick allows for an attacker to bypass an iPhone's pass code and obtain full access (see and edit) to contacts list, list of recent calls, favorite contacts, and even make a call to any phone number on the hacked device and erase the log.
Should I shut up? or should I publish the trick for the iPhone users are prevented?
Is it really a (security) flaw or perhaps just some possibly misunderstood yet valid usecase?

Especially when it comes to "simple and easy to pull off trick", far too many times people have mentioned security flaws and it simply turned out to be nothing more than a misunderstanding or a particular phone/app configuration of some sort, and certainly not a flaw, let alone a (major) security one.
 

aPple nErd

macrumors 68030
Feb 12, 2012
2,728
694
Jailbreaks/IOS Hacks
this simple and easy to pull off trick allows for an attacker to bypass an iphone's pass code and obtain full access (see and edit) to contacts list, list of recent calls, favorite contacts, and even make a call to any phone number on the hacked device and erase the log.
Should i shut up? Or should i publish the trick for the iphone users are prevented?

absolutely do not notifupy apple, contact the jb team first!!!!!!!!!
 

Mlrollin91

macrumors G5
Nov 20, 2008
14,119
10,106
Pop out the sim on my Verizon 5 and I get a big "NO SERVICE", so CDMA doesn't matter either.

Really? I didn't know that. I thought the sim card slot was only used in a CDMA phone for "world phone" purposes. Well then that makes Find My iPhone even more pointless...
 

dictoresno

macrumors 601
Apr 30, 2012
4,482
618
NJ
Really? I didn't know that. I thought the sim card slot was only used in a CDMA phone for "world phone" purposes. Well then that makes Find My iPhone even more pointless...

LTE is based on GSM technology, which requires network authentication using a SIM. so they have integrated its need into the iphone 5. without it, it will render even the CDMA side useless.
 

Brandon0448

macrumors 6502
Aug 2, 2011
271
12
Anchorage, Alaska
Find my iPhone will never be perfect, I always thought it was more for a lost device than a stolen one. Like the saying goes a lock only keeps an honest man out. If a thief wants your stuff and is motivated enough they will get it and there is nothing you can do about it. It is the sad truth.

-Brandon
 

Starrbuck

macrumors regular
Jun 8, 2010
171
6
If he's got 6.1, isn't that a beta, and that would mean he's a developer, right? I would think Apple makes it clear how they report bugs.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.