Do you lock the front door but leave the windows open? A new hack shows how iPhones are vulnerable, even when locked.
Samrang Pring / Reuters
A glitch in Apple's iOS 6.1 operating system makes it possible to access an iPhone's sensitive data, including contacts and photos, without entering the correct passcode, or personal identification number (PIN).
The security flaw, the second PIN bypass that security researchers have found this month, takes a bit of tricky button-pushing in a specific order. But once done successfully, it allows an intruder to download the phone's data over USB to a computer that would have otherwise been locked out.
The security hole was disclosed in full detail by Vulnerability Lab CEO Benjamin Mejri on Seclists.org, where he explained how to get around an important security feature that millions of Apple customers rely on every day. The hack involves simply manipulating the button-press sequence for the screenshot and emergency-call functions.
If the exploit is performed successfully, Mejri explained, the device will go into "black screen mode," showing a dark blank screen. Once the device is connected to a computer, the intruder has direct access to the compromised device's hard drive. A video Mejri produced shows the procedure all the way through to success.