Friday, September 20, 2013

iOS 7 Lockscreen Bug Dicovered

 Just 72 hours after release the first significant security risk of Lockscreen bug has been discovered in Apple iOS 7.

The bug occurs because, by default, the Control Center functionality is set to be available even when the screen is locked. Although full access is not possible, a thief could take control of the camera including the photo reel and post to linked social networks.

Although the bug only manifests if a very precisely timed sequence of key presses is performed, the fact that this information is now in the public domain means that a patch will be required quickly. In the meantime, users can disable the feature, and the associated security risk, by simply disabling the option for Control Center in their lockscreen.

Mobile security firm Lookout has revealed that it has managed to use the bug to access the timer, calculator and contacts list, though we can't imagine the first two being any huge threat to personal data.

Whilst acknowledging that concern is warranted in the ongoing battle to keep personal information private, we should emphasis that this is a somewhat convoluted security risk, relying as it does on a number of criteria being met.

We do wonder, however, whether Samsung will perhaps want to claim a patent on this lockscreen bug, given that its Android phones were similarly afflicted earlier this year.

Meanwhile, in a separate development, venture capitalist IO Capital has put a bounty of $10,000 for the first hacker who can "reliably and repeatedly" break into an iPhone 5S by lifting fingerprints. Since the prize was announced, the hacking community has been adding its own prizes, including copious amounts of alcohol and bit coins.

1 comment: