Recently a bug in iOS 6 was discovered which allowed the unauthorised users to bypass the passcode and see the contacts, call logs and other available information in Phone app. Today another bug surfaces which is more dangerous as it can give access to other sensitive information and files present on your iPhone. However, this hack is possible only when the phone is connected with a laptop using a USB cable.
The basic phenomena behind both methods seems similar. In this new bug we have to press home and power buttons in a particular fashion, call on emergency numbers, and then again press hold few buttons. Moreover, it doesn’t require the already authorised PC to get the information.
According to Arstechnica:
“The vulnerability is located in the main login module of the mobile iOS device (iPhone or iPad) when processing to use the screenshot function in combination with the emergency call and power (standby) button. The vulnerability allows the local attacker to bypass the code lock in iTunes and via USB when a black screen bug occurs,” Mejri wrote. “The vulnerability can be exploited by local attackers with physical device access without privileged iOS account or required user interaction. Successful exploitation of the vulnerability results in unauthorized device access and information disclosure.”
Here is the method:
First of all press the power button and then tap on “Emergency Call” option at the bottom left. Now dial any emergency number like 112, 911 or 110. As soon as it starts dialling the number, quickly hang it up.
Now follow this tricky part.
Push the power button again, quickly followed by the home button. This is where it gets slightly tricky – press and hold the power button for 3 seconds, after 2 seconds also press the Home button and the Emergency Call button on the lock screen. Leave them pressed. After one second, first release the home button and the Emergency Call button, followed by the power button.
If every step is followed correctly, your device’s screen will go blank and only status bar will be visible. Now connect your iPHone with PC using USB data cable.
AllThingsD tells us Apple is already aware of this problem and the future iOS 6.1.3 update will fix the problem.
[via Redmond Pie]
Tip: You can disable the Emergency Call button present on lockscreen by using this simple App available in Cydia store until a permanent fix comes.
