iOS 6.1 Bug Enables Bypassing Passcode Lock to Access Phone and Contacts

[TheHateMachine]

I figured aout a way to hack MacRumors, get all the registered users details and delete everything from the site and it's backups.

Should I post the exact method here or should I let MacRumors know so they can fix it?

The point of this was to make them scramble to fix it. Apple might be dismissive of this claim or they would just park it and devote resources later. Leaving more time where it isn't fixed.

Putting it in the open like this tends to make fixes quicker.

I also find it appalling how many are being dismissive about this, one person even went as far as to say something along the lines of "Non issue. Don't put sensitive info on your phone". That sure is a Jobism if I ever heard one.

 

[phillipduran]

I thought this was a feature. It pairs nicely with the camera roll bug from a while ago.

 

[codefuns]

Someone can use your phone call your mom send money to their account, this already happens a lot.

Oh, please... All that just to bypass a lock screen. Who wastes their time figuring out this stuff?

 

[Bahroo]

Apple will fix this bug in a week or less, along with the Microsoft Exchange glitch

 

[borneo76]

You're holding it wrong

 

[koban4max]

6.1, you can go to photo from lock screen and press home button and gets you there.

 

[nightmars]

reminds me of:

↑↑↓↓←→←→BA

 

[Tigger92]

the person who steals your phone



that's nothing compared to those devs trying to find loopholes in the Os to inject the jailbreak

Of course, by the time they have finally gotten through all the steps successfully, you could have easily used "Find my iPad" to locate it, remote wipe and catch the thief.

 

[DimitriBlog]

If your iPhone is jailbroken, just install the Cydia tweak "disableEmergency". This will disable the Emergency Call button and no one will be able to use this hack on you.

This is especially useful if you just jailbroke your iPhone recently using evasi0n and are now "stuck" using iOS 6.1.

 

[0098386]

Oh, please... All that just to bypass a lock screen. Who wastes their time figuring out this stuff?

... security experts? And I'd rather have them on our side.

 

[Arran]

The point of this was to make them scramble to fix it. Apple might be dismissive of this claim or they would just park it and devote resources later. Leaving more time where it isn't fixed.

Yeah, but why does it have to be fixed right now? It's obscure and posed a low risk - until published, of course.

What's wrong with a little discretion?

 

[Tiger8]

If your iPhone is jailbroken, just install the Cydia tweak "disableEmergency". This will disable the Emergency Call button and no one will be able to use this hack on you.

This is especially useful if you just jailbroke your iPhone recently using evasi0n and are now "stuck" using iOS 6.1.

Yes, just pray you don't ever have a real emergency

 

[george-brooks]

This is totally useless for a criminal, but its a great way for a first responder to access your "I.C.E. (in case of emergency)" contact if your phone is locked!!

 

[DimitriBlog]

Yes, just pray you don't ever have a real emergency

I don't get that. If I have a real emergency, I can just enter my passcode and use the Phone app. If I don't have time to enter my passcode, then I don't have time to use the emergency button and dial 911 anyway.

 

[SpyderBite]

Are you guys seriously downplaying this bug?

Yes. If somebody steals your smartphone, it isn't for your contacts.

Don't feed the paranoia.

 

[fishmoose]

If someone goes through all that to access my contacts I think they would be very disappointed by what they'll find.

 

[pward]

Why?

In the UK 'spaz' was used as a shortened form of 'spastic' which was used as a term of insult here especially in the 80s.

Haven't heard the word in some time and it brought back some unhappy memories; not MacRumors fault and I understand that the term is used differently and inoffensively in the US but yes, in the UK this would be considered offensive by some.

 

[louis Fashion]

HA, this is why I have no contacts on my phone.
Oh wait, I have no contacts because I have no friends to call.

Who has the time to work this stuff out?

 

[notabadname]

I'm so surprised Apple didn't test this simple sequence of actions before releasing the OS.

 

[Pock]

Good job encouraging people to dial an emergency number then hanging up. I imagine some people will not be fast enough and start the call - which clearly is not wise and may endanger others.

 

[World Citizen]

I don't get that. If I have a real emergency, I can just enter my passcode and use the Phone app. If I don't have time to enter my passcode, then how can you expect me to have time to dial 911?

Well, You are driving along the highway, and there comes a truck... He suddenly moves to the other side of the road, and you have to move really fast.. and this results in you crashing in the woods besides the road.
1 tree, just nailed you.. and the tree breaks and wood flies all over the place. 1 piece of wood went straight true your radiator.. and somehow it finds his way to your fan-grills in the car... The car was still running, and due to some weird nature ****.. the piece of wood shoots at you because to the fans where still running.. The wood shoots right in your thumb, and severs it to the bone. Your thumb is hanging by only a small piece of skin... Your other arm is jammed between the door and the steering wheel so you can't use it.. All your other fingers burned away, but the fire is out now.. You look at your thumb and notice that if you move the thumb.. bit by bit it tears more away from your hand.. So you make a quick calculation, on how many moves you can make before the whole finger is severed.

You notice that you can only do 7 moves... before it's over...
While laying there you obviously decide to use the emergency call..

1 - power on the phone
2 - slide to unlock
3 - press emergency
4 - press 9
5 - press 1
6 - press 1
7 - press call...


See... I can't imagine how you missed this...

 

[thewordiz]

Meanwhile

I come back to my phone, find you doing this and proceed to beat the living &^%$ out of you, breaking all of your fingers so that you could never even hold a device shaped like a phone again.

Smart guy/gal that figured all of this out though.

Oh, yea. I do believe that people that steal other peoples stuff should just be quickly sentenced and killed. That would put a stop to that.

 

[Bubba Satori]

Are you guys seriously downplaying this bug?

Of course, I would be shocked if the faithful didn't.
Nobody expects the Spanish Inquisition,
but you can depend on sheeple outrage and indignation.

 

[Ingot]

Wait... when you do this... Safari is snappier

I am tired of the snappier safari bit, but this one was justified.

Well played, dear sir.

 

[MN7119]

"Type in 911 or your emergency number and click call then cancel it asap so the call dosen't go through". Wait, I am confused. Should I always cancel a 911 call before they answer? How about if they answer before I cancel? Does that mean I failed in my interpretation of "asap"? If they answer, should I say I am trying to unlock my phone? So many questions!!!!! Not many answers!!!! I am so confused!!!!