iOS 6.1.3 has only just been released by Apple, and already a security hole has been followed – allowing anyone to bypass the passcode lock on iPhones, and access private data on the device.
Embarrassingly for the Cupertino company, one of the main reasons for installing iOS 6.1.3 was that it promised to fix other security flaws that allowed the lock screen to be bypassed.
The flaw was found by “videosdebarraquito”, who seems to be making a hobby of embarrassing Apple by uncovering lock bypass flaws. In a video he demonstrates that it’s not particularly complicated to avoid the iOS 6.1.3 passcode lock if you have physical access to the device and a widget for removing the SIM card.
Here is videosdebarraquito’s video, where he demonstrates how the passcode can be bypassed:
It appears that circumventing the passcode lock can allow an unauthorised party access to the device’s photo gallery and use the phone.
The good news is that this security flaw can be easily prevented. The passcode bypass relies upon use of the “Voice Dial” feature of iPhones, which is disabled on devices using Apple’s Siri voice recognition feature.
If you *aren’t* using Siri, then the recommendation is to disable “Voice Dial”. If you do that, your device shouldn’t be prone to this passcode bypass.
You can disable “Voice Dial” on your iPhone by going to Settings / General / Passcode Lock. (Note that if you have Siri enabled you won’t see an option for “Voice Dial” there, as it has been automatically disabled).
Easy as it is to avoid this flaw putting your iDevice at risk, it’s still embarrassing for Apple as it comes so soon after other passcode lock bypasses were publicised.
Let’s hope that Apple fixes this flaw soon, and shuts a permanent door on passcode lock bypasses.