Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Resolved MAJOR security bug in iOS 8.0.2

Status
Not open for further replies.
B

bcharleson

macrumors member
Original poster
Sep 19, 2014
96
14
Hello all,

I just discovered this morning a major security bug in iOS 8.0.2 with my iPhone 6. From the lock screen and passcode/TouchID enabled, I initiated Siri and asked her to find the phone number to a local dry cleaners business. Siri pulled up web results on the lock screen. I clicked on one of the results to retrieve the number and it pulls up Safari web browser to get the number. From there, I hit the home button and now I have full access to the phone without entering in my passcode/touch ID.

Boo! Hope this gets fixed ASAP.
 
bcharleson said:
Hello all,

I just discovered this morning a major security bug in iOS 8.0.2 with my iPhone 6. From the lock screen and passcode/TouchID enabled, I initiated Siri and asked her to find the phone number to a local dry cleaners business. Siri pulled up web results on the lock screen. I clicked on one of the results to retrieve the number and it pulls up Safari web browser to get the number. From there, I hit the home button and now I have full access to the phone without entering in my passcode/touch ID.

Boo! Hope this gets fixed ASAP.
Click to expand...

You unlocked the phone by pressing the home button.
 
bcharleson said:
Hello all,

I just discovered this morning a major security bug in iOS 8.0.2 with my iPhone 6. From the lock screen and passcode/TouchID enabled, I initiated Siri and asked her to find the phone number to a local dry cleaners business. Siri pulled up web results on the lock screen. I clicked on one of the results to retrieve the number and it pulls up Safari web browser to get the number. From there, I hit the home button and now I have full access to the phone without entering in my passcode/touch ID.

Boo! Hope this gets fixed ASAP.
Click to expand...

Did you report this to Apple?
 
bcharleson said:
Hello all,

I just discovered this morning a major security bug in iOS 8.0.2 with my iPhone 6. From the lock screen and passcode/TouchID enabled, I initiated Siri and asked her to find the phone number to a local dry cleaners business. Siri pulled up web results on the lock screen. I clicked on one of the results to retrieve the number and it pulls up Safari web browser to get the number. From there, I hit the home button and now I have full access to the phone without entering in my passcode/touch ID.

Boo! Hope this gets fixed ASAP.
Click to expand...

Disable Touch ID and then check again.... ^^
 
madsci954 said:
And you activated Siri (held down the Home button) with a finger not registered with Touch ID, correct?
Click to expand...

Yep, just reproduced the bug.

From the lock screen, press and hold home button, ask Siri for phone numbers for something and it'll pull up results (I said dry cleaning). It pulled up results and brought up Apple Maps. From there I hit the home button and I now have full access to the phone without entering my passcode/TouchID.

iPhone 6/8.0.2

----------
maflynn said:
Do you have touchid enabled?
Click to expand...

Yes I do.
 
Can you try again but use a pencil eraser or some other soft tipped thing to press the home button? This would rule out your finger unlocking the device when pressing the home button.
 
bcharleson said:
Yep, just reproduced the bug.

From the lock screen, press and hold home button, ask Siri for phone numbers for something and it'll pull up results (I said dry cleaning). It pulled up results and brought up Apple Maps. From there I hit the home button and I now have full access to the phone without entering my passcode/TouchID.

iPhone 6/8.0.2

----------



Yes I do.
Click to expand...
Try to press home button with not registered finger. Because when you press/ touch with registered finger, it unlocks your iPhone...
 
karstas said:
Try to press home button with not registered finger. Because when you press/ touch with registered finger, it unlocks your iPhone...
Click to expand...

Good point! Let me try this...

You guys are awesome..the holding down of the home button with registered finger unlocks the phone. I tried it plugged in and did it through "Hey Siri" as well as a stylus and it asked me for the passcode/TouchID.

Disregard! Thanks guys.
 
MAJOR security bug in iOS 8.0.2

icon_lol.gif
 
SMH! I swear, people just need to enjoy the phone instead of spending their time looking for flaws in it. Since this iPhone has come out, these forums are filled with more BS topics then ever. I swear these are undercover Samsung/android users.
 
Smh how many times have we seen a thread like this about a "major security bug" only to find out the user was unlocking the phone with their registered finger.
 
karstas said:
Here is the real bypass


Click to expand...

Its amazing that people can continually find ways around Apples security. That just looks like sloppy programing on Apples behave. Hopefully they fix it without breaking too many other features.

Just imagine all the security flaws people are going to find with ApplePay.
 
Status
Not open for further replies.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back