Iphone 5 security Flaw

Discussion in 'iPhone' started by AusTracka, Jul 21, 2015.

  1. AusTracka macrumors newbie

    Joined:
    Jul 21, 2015
    Location:
    Australia
    #1
    After giving apple the opportunity to rectify the issue and replace my handset both in store and also multiple emails, I have now posted online. see the attached link.

    Security flaw is regardless of turning the mobile hotspot feature off, the phone still broadcasts a network and can be remotely "activated" by another phone(iphone 6) WITHOUT the password. The genius bar attendant advised that they had never seen the issue before and suggested that I check my bank account for any suspicious transactions.... NOTE: the Iphone 6 was brand new and never connected to this device before.

    If it was my business, I would replace the phone immediately and send the phone to the engineers for further testing......

     
  2. wakinghour macrumors regular

    Joined:
    Jul 16, 2012
  3. chrfr macrumors 603

    Joined:
    Jul 11, 2009
    #3
    The genius bar should be aware of the "Instant Hotspot" feature, which is what's being shown in the video. Two devices, signed into the same iCloud account, can share a cellular data connection.
    The authentication happens via the iCloud account, not via wifi password. Devices which aren't signed into the same iCloud account cannot use this feature and this isn't a security flaw.
    http://9to5mac.com/2014/10/26/yosemite-ios-8-how-to-set-up-and-use-instant-hotspot/
     
  4. MDF84 macrumors newbie

    Joined:
    Jul 21, 2015
    #4
    Isn't that a feature?
    You state the iPhone 6 is brand new - but I presume signed in to your iTunes account?
    You are able to remotely initiate the hotspot from one of your other signed in devices part and parcel of "Continuity"
     
  5. aristobrat macrumors G4

    Joined:
    Oct 14, 2005
    #5
    Here's an Apple article regarding this feature. It basically says what chrfr and MDF84 said.
    OS X Yosemite: Connect to the Internet using Instant Hotspot

     
  6. Applejuiced macrumors Westmere

    Applejuiced

    Joined:
    Apr 16, 2008
    Location:
    At the iPhone hacks section.
    #6
    Another newbie with a wild story:D
    Its designed to work like that between shared accounts and it will not work the same with random strangers devices.
     
  7. aristobrat macrumors G4

    Joined:
    Oct 14, 2005
    #7
    IMO, he had a valid concern, and it sounds like the Genius Bar botched up a chance to explain to him how it worked. Not sure my next step would be posting it up as a security flaw (vs. posting up asking if it was behavior someone else had seen before), but to each their own. :)
     
  8. AusTracka thread starter macrumors newbie

    Joined:
    Jul 21, 2015
    Location:
    Australia
    #8
    Ok Applejuiced, maybe the genius bar "NEWBIE" attendant who could see my hotspot on their phone from their personal phone somehow obtained my password and logged in to my icloud??.

    Thanks for the feedback anyway, i've now got a reply to my email so the post has worked.
     
  9. Applejuiced macrumors Westmere

    Applejuiced

    Joined:
    Apr 16, 2008
    Location:
    At the iPhone hacks section.
    #9
    A valid concern that could have easily being answered/debunked with a quick search online.
     
  10. chrfr macrumors 603

    Joined:
    Jul 11, 2009
    #10
    Rather than be argumentative, provide some details for a discussion. Both devices are not yours? Which version of iOS is on each? Is either device jailbroken?
    The video does not show anything other than expected behavior if iCloud/Continuity/Instant Hotspot are configured.
     
  11. AusTracka thread starter macrumors newbie

    Joined:
    Jul 21, 2015
    Location:
    Australia
    #11
    Nothing valid about a genius bar attendant been able to see my phones hotspot when it is physically switched off ? Since getting the phone replaced by apple in August last year the diagnostics show it has been recharged over 520 times. Most weekdays the phone is flat by lunchtime and requires recharging(weekdays when its switched on)
     
  12. Applejuiced macrumors Westmere

    Applejuiced

    Joined:
    Apr 16, 2008
    Location:
    At the iPhone hacks section.
    #12
    Seeing a hotspot name it's not a security flaw.
    And neither is a bad battery life or any other hardware issue you were having.
     
  13. AusTracka thread starter macrumors newbie

    Joined:
    Jul 21, 2015
    Location:
    Australia
    #13
    Argumentative ? I simply posted my issue with replys that it was not a problem. Both devices are mine, I attended an apple store with the issue of the phone going flat halfway through the day and that the hotspot is visible to others. The "deactivated" hotspot was visible on their personal iphone. After upgrading to 2 x iphone 6's, both of these phones could see my iphone 5's hotspot.
     
  14. AusTracka thread starter macrumors newbie

    Joined:
    Jul 21, 2015
    Location:
    Australia
    #14
    OK, so if you have physically deselected the mobile hotspot feature and your phone continues to broadcast this and allows other devices without a password to activate it and connect you don't see this to be an issue ? OK...
     
  15. Applejuiced macrumors Westmere

    Applejuiced

    Joined:
    Apr 16, 2008
    Location:
    At the iPhone hacks section.
    #15

    It only allows that to devices signed into your icloud ID.
    Its a feature meant to work like this. You still dont get it or you just act like you don't?
    It works like that with only your phones logged into your itunes account. How many times do they need to explain it to you?
     
  16. AusTracka thread starter macrumors newbie

    Joined:
    Jul 21, 2015
    Location:
    Australia
    #16
    OK applejuiced, Please re-read my posts. I will rewrite to make it clear. I have never disclosed my icloud account details to the genius desk operator or any other person for that matter. I asked the genius bar operator to get out their phone and search for my device to which they were able to within seconds. The "wireless hotspot" tab was deselected on my Iphone 5 yet the genius bar operator was STILL able to see my phones SSID on his. have I missed something ?
     
  17. AusTracka thread starter macrumors newbie

    Joined:
    Jul 21, 2015
    Location:
    Australia
    #17
    Hi Chrfr, No neither device ever jailbroken. Brand new Iphone 6 only 20mins old, 8.3(12F70)
    Iphone 5 8.4(12H143)
     
  18. Applejuiced macrumors Westmere

    Applejuiced

    Joined:
    Apr 16, 2008
    Location:
    At the iPhone hacks section.
    #18
    Earlier you said it was accessed with 2 other of your signed in phones and we explained to you that yes because you all use the same icloud, now you're saying that is was accessed by an employee's iphone.
    Sorry, not buying your crazy story...
     
  19. AusTracka thread starter macrumors newbie

    Joined:
    Jul 21, 2015
    Location:
    Australia
    #19
    Yes I agree with what your saying Applejuiced, 100% it was able to be accessed by 2 x Brand new iphone 6 phones on Saturday(2 days ago). to prove this point I requested that the apple genius bar attendant get out his personal mobile and check for hotspots. when he searched he was able to see my hotspot that was supposed to be switched off(he was physically watching the phone). his comment was "that's not supposed to happen" check your bank accounts for any suspicious activity if you bank on your phone........

    I will also mention for your benefit Applejuiced that he took it out the back and commented that the issue had not been seen by them before and was possible related to my screen that was replaced aftermarket as they had seen on board chips replaced previously. At the time of the screen damage I was in a very remote area and could not travel to an apple store(10hr round trip) to get it replaced and fixed to working order. I would have gone to an apple store if it was within a couple of hour drive........
     

Share This Page