Skip to main content

iOS security vulnerability

My post earlier today about hacking the iPhone 5S's TouchID was talking about something major: access to everything in the phone. But that post mattered to you only if you have an iPhone 5S (the brand new, higher-end model). There is another vulnerability that affects just about everybody with an iPhone, at least if you've upgraded to iOS 7.

If the phone you're trying to get allows access to the Control Center from the lock screen, it's possible for someone who knows a fairly simple trick to get into your photos and some other parts of your phone's content. You can read about it here:

Forbes/Andy Greenburg: 
iOS 7 Bug Lets Anyone Bypass iPhone's Lockscreen To Hijack Photos, Email, Or Twitter

I just confirmed that this is possible using my own iPhone 5. I'm writing this on 9/23/13 and using the current (latest) version of iOS 7 (11A465).

Unauthorized access to your email is the biggest danger here. Remember, somebody with access to your email may be able to change your password to other accounts. So even though this bug doesn't immediately give the intruder full access to your phone, it's potentially serious.

But there's a fix, and you should take advantage of it. Simply disable Control Center on the lock screen:

Settings > Control Center > Access on Lock Screen (turn off)

Should be off by default but it isn't.
Labels:

Comments

Post a Comment

Popular posts from this blog

Setting up OAUTH with Google in FileMaker 16

Setting up OAuth with Google in FileMaker 16 Posted by William Porter Intended audience: Intermediate to Advanced FileMaker developers Date of publication: 2017-June-06 Updated: 2018-June-06 One of the many exciting features in FileMaker 16 (released May 2017) is OAuth or Open Authentication. Open Authentication allows users to connect to a FileMaker database after authenticating with an external (non-FileMaker) account. At the present time, FileMaker supports OAuth through Google, Amazon and Microsoft. If you're a developer there are two main questions to answer. First, should I do this? And second, how do I do it? I'll answer the first question later. It's important. But the other question-- How  do I setup OAuth?--is answered in the attached document. I wrote this tutorial with the help of my friend and colleague Taylor Sharpe of Taylor Made Services , also here in Dallas. We provide step-by-step instructions on how to get your users authenticating in...
6 comments
Read more

Getting out of fullscreen mode in FileMaker Pro

In version 2 of Acquittal, our criminal defense case management app, we're doing some nifty stuff with windows, and that means we're finding out that even in FileMaker Pro 15, we still don't have quite all the tools we'd like for managing windows.  One problem is how to trap for the possibility that the user has switched into fullscreen mode. The other problem is how to get out of it. Is this window in fullscreen mode? This one's not too hard. This calc formula seems to do the trick: Get ( WindowHeight ) = Get ( ScreenHeight ) and Get ( WindowWidth ) = Get ( ScreenWidth) That will return true if the window is in fullscreen mode, false if it's not. Why does this matter? Because there are certain things that you can't do with a window if it's in fullscreen mode. In Acquittal, for example, there are times when we want to generate a second "sidecar" window, then display the main and sidecar windows side-by-side. Can't do it if...
1 comment
Read more

More about why I like the new navigation part in FileMaker Pro 14

I myself didn't completely "get" the navigation layout part at first. In this post I want to clarify a few things about the benefits of this new feature. The new navigation layout part in FileMaker Pro 14 and FileMaker Pro 14 Advanced differs in two significant ways from the header/footer parts we've had since forever (and which we still have in 14): Navigation parts don't zoom Navigation parts don't scroll out of sight Well, it's a little messier than that, in reality. Let me elaborate on the messiness of it first, since the messiness may have some impact on why navigation parts took me a day or two to "get". First potential confusion: objects in navigation parts don't zoom, but they are not completely inflexible. If you grab the edge of the window and make the window wider (I'm not talking about zooming the content, I'm talking about actually enlarging the window) then any objects in a navigation part that are anchored to...
Post a Comment
Read more