Settings

Theme

iOS 9 allows access to photos and contacts on a passcode locked iPhone

idownloadblog.com

15 points by soisses 11 years ago · 5 comments

Reader

TazeTSchnitzel 11 years ago

Reminds me of a similarly Rube—Goldberg-esque login screen circumvention in Windows 95:

https://media2.giphy.com/media/lN0A3biIDKepW/giphy.gif

  • soissesOP 11 years ago

    Right, we saw some of bypasses like this lately.

    And I believe we'll see more, because we add more and more features to the lock-screens.

stinos 11 years ago

"This only allows users to view your contacts, and look at your photos (not videos) through a limited interface. Photos cannot be forwarded or shared from your iPhone"

only? Isn't that bad enough? Anecdotally I really couldn't care if any of the messages I have get out in the open as for some reason I don't have sensitive content in them, but some pictures on the other hand are really not meant for everybody, especially when they aren't even sorted out yet, and I'm sure I am not alone.

Also: taking a picture of a phone with a picture still preserves most of it and so they can in fact be - what I would call - forwarded.

smackfu 11 years ago

There have been quite a few of these exploits over the years, where you can trick a program running in locked mode into thinking it's in unlocked mode. It seems like they really need to have completely separate programs to run in locked mode that can't access anything except via defined APIs.

  • muaddirac 11 years ago

    I think object-capability based access control would solve the problem as well. If the login screen is only given the capability to talk to the authentication program, then even if you could force opening photos, you wouldn't have the capabilities to hand to the photos app to actually view them.

Keyboard Shortcuts

j
Next item
k
Previous item
o / Enter
Open selected item
?
Show this help
Esc
Close modal / clear selection