Hacking News

<< Next Post - Previous Post >>

iOS 5 Vulnerabilities for iPad2 and iPhone 4S

Two vulnerabilities in iOS5 have recently been discovered, one is affecting the iPad2 and the other the new iPhone 4S. In both cases it allows anyone to bypass any lock/passcode to gain unauthorised access to the device.

1) iPad 2 + iOS5 + SmartCover = Anyone can unlock your iPAD
This only affects iPad2 with iOS5 and the smart cover set to automatically lock the device.
With a locked iPad2, keep pressing the power button until you see the screen telling you to swipe to turn off, close the smart cover, reopen it and push the CANCEL button.
This will give you access to the latest application that was used. It means that if you were on the application listing screen you will be able to see all the applications installed on the iPad, but you will not be able to open any otherapplications. This is because you are in the “finder”/”Explorer” application.
But it also means that if before you closed your smart cover to lock your device you were in the mail application, using this technique would give you full access to the mail app and your emails.

To fix the issue you need to disable the smartcover autolock feature, until Apple fixes this bug.

2) iPhone 4S + SIRI
With SIRI enabled, even if you have locked your phone with a passcode, you can hold the HOME button and SIRI will be activated allowing you to speak commands such as call someone, send a text or an email, etc.
Although you cannot open applications this way, you can still do unauthorised actions as mentioned above.

To fix this issue you need to disable SIRI, until Apple fixes this bug.

What is somewhat surprising is that it is taking so long for Apple to fix these issues, They have been know for more than a week…

<< Next Post - Previous Post >>