Resolved MAJOR security bug in iOS 8.0.2

Discussion in 'iOS 8' started by bcharleson, Oct 6, 2014.

Thread Status:
Not open for further replies.
  1. bcharleson macrumors member

    Joined:
    Sep 19, 2014
    #1
    Hello all,

    I just discovered this morning a major security bug in iOS 8.0.2 with my iPhone 6. From the lock screen and passcode/TouchID enabled, I initiated Siri and asked her to find the phone number to a local dry cleaners business. Siri pulled up web results on the lock screen. I clicked on one of the results to retrieve the number and it pulls up Safari web browser to get the number. From there, I hit the home button and now I have full access to the phone without entering in my passcode/touch ID.

    Boo! Hope this gets fixed ASAP.
     
  2. Paddle1 macrumors 68030

    Joined:
    May 1, 2013
    #2
    You unlocked the phone by pressing the home button.
     
  3. gibbz macrumors 68030

    Joined:
    May 31, 2007
    #3
    Did you report this to Apple?
     
  4. bcharleson thread starter macrumors member

    Joined:
    Sep 19, 2014
    #4
    Sure did!
     
  5. Vader macrumors 65816

    Vader

    Joined:
    Oct 11, 2004
    Location:
    Saint Charles, MO
    #5
    Mine asks me for my password as soon as I click on the result.
     
  6. EdgardasB macrumors 6502a

    EdgardasB

    Joined:
    Apr 14, 2014
    Location:
    Lithuania
    #6
    Disable Touch ID and then check again.... ^^
     
  7. madsci954 macrumors 68030

    Joined:
    Oct 14, 2011
    Location:
    Ohio
    #7
    And you activated Siri (held down the Home button) with a finger not registered with Touch ID, correct?
     
  8. maflynn Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #8
    Do you have touchid enabled?
     
  9. bcharleson thread starter macrumors member

    Joined:
    Sep 19, 2014
    #9
    Yep, just reproduced the bug.

    From the lock screen, press and hold home button, ask Siri for phone numbers for something and it'll pull up results (I said dry cleaning). It pulled up results and brought up Apple Maps. From there I hit the home button and I now have full access to the phone without entering my passcode/TouchID.

    iPhone 6/8.0.2

    ----------

    Yes I do.
     
  10. geoffm33 macrumors 6502

    geoffm33

    Joined:
    Dec 27, 2010
    #10
    Can you try again but use a pencil eraser or some other soft tipped thing to press the home button? This would rule out your finger unlocking the device when pressing the home button.
     
  11. EdgardasB macrumors 6502a

    EdgardasB

    Joined:
    Apr 14, 2014
    Location:
    Lithuania
    #11
    Try to press home button with not registered finger. Because when you press/ touch with registered finger, it unlocks your iPhone...
     
  12. MonkeySee.... macrumors 68040

    MonkeySee....

    Joined:
    Sep 24, 2010
    Location:
    UK
    #12
    haha.

    Dude, You're unlocking the phone using the home button and your finger print.
     
  13. Paddle1 macrumors 68030

    Joined:
    May 1, 2013
    #13
    It unlocks if you touch the home button with a registered finger.
     
  14. EdgardasB macrumors 6502a

    EdgardasB

    Joined:
    Apr 14, 2014
    Location:
    Lithuania
  15. bcharleson thread starter macrumors member

    Joined:
    Sep 19, 2014
    #15
    Good point! Let me try this...

    You guys are awesome..the holding down of the home button with registered finger unlocks the phone. I tried it plugged in and did it through "Hey Siri" as well as a stylus and it asked me for the passcode/TouchID.

    Disregard! Thanks guys.
     
  16. antiprotest macrumors 65816

    antiprotest

    Joined:
    Apr 19, 2010
    #16
    You unlocked the phone with Touch ID and didn't realize it.
     
  17. bcharleson thread starter macrumors member

    Joined:
    Sep 19, 2014
    #17
    You guys are right. Thanks guys!

    Moderators -- please delete/close thread accordingly. Thanks!
     
  18. dhlizard, Oct 6, 2014
    Last edited: Oct 6, 2014

    dhlizard macrumors G4

    dhlizard

    Joined:
    Mar 16, 2009
    Location:
    The Jailbreak Community
    #18
    /FACEPALM :eek:

    Believe me, once we advised you to use a non-TouchID finger, it was "fixed" ASAP.
     
  19. zBoost macrumors member

    Joined:
    Sep 19, 2013
  20. doxielover macrumors 6502a

    doxielover

    Joined:
    Apr 12, 2011
    Location:
    CA
    #20
    MAJOR security bug in iOS 8.0.2

    This has been known for awhile. Maybe it has been fixed. Haven't received my 6 plus yet.

    http://youtu.be/NTA8k4tyY78
     
  21. E2EK1EL macrumors 6502

    Joined:
    Nov 19, 2012
    #21
    Bahahahahahahahaha
     
  22. DaveNJ80 macrumors newbie

    Joined:
    Jun 1, 2011
    #22
    SMH! I swear, people just need to enjoy the phone instead of spending their time looking for flaws in it. Since this iPhone has come out, these forums are filled with more BS topics then ever. I swear these are undercover Samsung/android users.
     
  23. EM2013 macrumors 65816

    EM2013

    Joined:
    Sep 2, 2013
    #23
    Smh how many times have we seen a thread like this about a "major security bug" only to find out the user was unlocking the phone with their registered finger.
     
  24. Traverse macrumors 603

    Traverse

    Joined:
    Mar 11, 2013
    Location:
    Here
    #24
    Guys don't pick on the OP! We've all had our moments! :D
     
  25. cynics macrumors G4

    Joined:
    Jan 8, 2012
    #25
    Its amazing that people can continually find ways around Apples security. That just looks like sloppy programing on Apples behave. Hopefully they fix it without breaking too many other features.

    Just imagine all the security flaws people are going to find with ApplePay.
     
Thread Status:
Not open for further replies.

Share This Page