Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

MacRumors

macrumors bot
Original poster
Apr 12, 2001
63,194
30,135



voicecontrol.jpg
Following yesterday's release of iOS 6.1.3, which fixed two bugs allowing the iPhone's passcode lock to be bypassed, another passcode security flaw has been discovered.

The vulnerability, which only affects the iPhone 4, involves the Voice Dial command, as demonstrated in the video below from YouTube user videosdebarraquito.

iPhoneinCanada
tested the method in the video using an iPhone 4 running iOS 6.1.3 and found that the security flaw does indeed exist, giving a potential intruder access to both contacts and photos.

Like the previous passcode vulnerability, the current hack involves a complicated set of steps that includes initiating Voice Dial command and quickly ejecting the phone's SIM card.

When the SIM card is removed, the phone opens the recent call log, which gives access to the contact list. In the contact list, adding a photo also gives access to all of the pictures on the device.

The previous passcode vulnerability was discovered in mid-February, and it took Apple more than a month to push a fix. An update for the current bypass could follow a similar timeline, but the vulnerability can be fixed by disabling Voice Dial from the Passcode Lock menu.

At this time, the vulnerability has only been shown to work with the iPhone 4. We were unable to reproduce the results with an iPhone 5 with Siri disabled, though the bug may potentially affect the pre-Siri iPhone 3GS as well.

Update 1:07 PM: iPhoneBlog.de reports that it has reproduced the issue on an iPhone 5 with Siri disabled, although we have still been unable to do so.

Article Link: New iPhone Passcode Security Flaw Discovered in iOS 6.1.3
 

iGuardian

macrumors 6502a
Aug 26, 2008
552
18
This is ridiculous. I understand that this is insecure but who the hell comes up with such an elaborate way to access just your phone and photos? Your phone's still safe from the average Joe.
 

troop231

macrumors 603
Jan 20, 2010
5,822
553
Wow, who figures this stuff out?

What's next? Stand on your head, rub your stomach while ejecting the SIM 3 times with 1.5 second pauses in between each one.

:rolleyes:
 

anberlinairlift

macrumors member
Nov 16, 2010
84
0
Charlotte Hall, MD
I'm just glad that Macrumors posted this. Complicated as it is, we want to make sure that criminals everywhere with stolen iPhone 4's will have no trouble accessing them.

/sarcasm
 

roxxette

macrumors 68000
Aug 9, 2011
1,507
0
Wow, who figures this stuff out?

What's next? Stand on your head, rub your stomach while ejecting the SIM 3 times with 1.5 second pauses in between each one.

:rolleyes:

Hahaha was thinking the same thing, dont kmow how they figure this stuff out !
 

jmcrutch

macrumors regular
Jul 27, 2010
249
79
Are they using code to figure these out or is someone that bored that they'll employ the trial and error method? There must be a million different possible combinations of things you can try together, literally, in order to discover such a vulnerability.
 

M-O

macrumors 6502a
Mar 15, 2011
502
0
perhaps they can fix this security hole by replacing the voice control feature on iPhone 4 with Siri.

...just a thought.
 

joelvega125

macrumors regular
Jun 15, 2010
145
7
the people who figure out this crap are idiots. If I lose my phone I'm effed anyway. The old "voice dial paperclip sim tray pop out" trick will be the least of my worries.
 

RenoG

macrumors 65816
Oct 7, 2010
1,275
59
Yeah and thank you for putting the wonderful new quick and easy how-to out for all to see on bypassing the passcode. Now every savy iphone thief and hacker can go back to business as usual.
 

M-O

macrumors 6502a
Mar 15, 2011
502
0
It's crazy but people still even buy them. And then they complain that it's too slow. :eek:

I just got one a few months ago (second hand). I don't feel it's too slow. Sure, it's slower than iPhone 5, but it's plenty fast for me.

still, if i were going to buy one on contract i'd definitely go with the 5.
 

RenoG

macrumors 65816
Oct 7, 2010
1,275
59
Does anyone even use the iPhone 4 anymore?

Iphones don't suddenly expire when a new comes out you know...My wife has a 4 and it works perfectly, she has absolutely no desire or need whatsoever to upgrade..for what!
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.