It looks like I got this wrong.
My own testing produced the same results as in 9to5Mac’s original report. It seems that both their reporter and I must have unlocked our iPhones within the prescribed amount of time in the “require Passcode” time settings.
Graham “red-faced” Cluley.
PS. For completeness, and to compound my earlier embarrassment, here’s the article I published initially.
Apple announced the “new iPad” to an expectant world yesterday and at the same time released a new version of its iOS 5.1 operating system for existing iPhone, iPod Touch and iPad users.
If you’re about to install iOS 5.1, my advice right now would be to be very careful, as there is a serious security hole.
As 9to5Mac reports, it is child’s play for anyone to gain full access to your Apple device running iOS 5.1, even if you believe you have locked it.
I hope you don’t have anything you wanted to keep private on your Apple iPhone or iPad, because if you leave it lying around – someone might be able to spy upon what you’ve been up to.
I just tried it for myself on an iPhone 4, and was able to gain complete access to a supposedly locked device without having to enter a pass code.
Here’s how it works.
- From your iPhone’s lock screen, open the camera app from the new “slider” that iOS 5.1 has introduced.
- Now, click on the gallery icon in the bottom left-hand corner (you normally use this in the photo app to view past pictures you have taken).
- Click the Home button, and you’ll be returned to your main screen and have access to all of the apps and settings. Ouch.
Blogger James Woods believes the problem only occurs for those who had a pass code enabled at the time that they updated their iPhone or iPad to iOS 5.1, and that if you turn off your pass code and then turn it back on again, you will be properly secured.
In my tests this proved to be the case, but it shouldn’t be necessary for people who had already applied decent security on their iPhone/iPad to then have to do it again because an update from Apple undid the security steps they had previously taken.
Apple should fix this security hole, before users who believe they are properly protected have their iPhones and iPads snooped upon.
Presumably this flaw is not present in Apple gadgets which do not have a camera, such as the original first generation iPad.
10 comments on “Updated: critical security hole in iOS 5.1? Perhaps not..”
I've just tried this and it doesn't do as you describe and remains locked. At stage 2 it shows a message "Your iPhone is locked" and then pressing the Home button brings up the Passcode screen. I had Passcode enabled before the 5.1 update.
Yeah, it looks like I goofed. You should be able to see that I added a correction at the start of the article. Apologies to all concerned – I feel suitably embarrassed.
At least you've stuck your hand up and acknowledged the goof!! Perhaps best remove the article to prevent compounding matters.. 🙂
PS – my iPhone is a 3GS in case it varies between models
I think this is user error, or at least user confusion.
This doesn't work on my locked iPhone running 5.1, and there was a passcode set when I upgraded last night.
However it does act as shown above if the timeout period for requesting a passcode hasn't expired (mine is set to auto-lock after 1 minute). In that instance you can unlock the device just by swiping to unlock as normal without entering the passcode, so it's no less secure.
Before I updated, I had required a passcode for my phone. Even after the update, this security "hole" never materialized on my phone.
I've just tried this and it doesn't do as you describe and remains locked. At stage 2 it shows a message "Your iPhone is locked" and then pressing the Home button brings up the Passcode screen. I had Passcode enabled before the 5.1 update. iPhone is a 3GS
and – if you read the comments on the 9to5Mac article – nobody else reproduces it either!!!
Thanks for the correction
I replied to a query on this last night on the o2 forums.
That is why mine is set to immediate for passcode lock.
Nice to see someone admit their mistakes instead of deleting the original post and pretending it was never written.
I actually thought I found this earlier, in the iOS 5 release, but then I figured out what you guys figured out. I wasn't waiting long enough for my passcode to be necessary to unlock the phone.