Despite Apple working pretty damned hard to tighten security with its latest iteration of the iOS mobile operating system, it’s only natural that flaws will occur; but unless they aid the jailbreaking process in any way, shape or form, we’re about as excited to see them as Tim Cook’s security squad is.
Canadian tech consultant Ade Barkah has discovered a bug which allows photos on an iPhone running iOS 5 to be viewed via the lockscreen camera button – even if the device is locked with a passcode. To prevent many iDevice users from missing the all-important Kodak moment, Apple added an easily accessible button which can be initiated a lot quicker than in iOS 4 – meaning if you do spot a UFO, Elvis Presley or Tupac – they won’t be elusive enough to avoid the snap of the world’s favorite camera. However, if you attempt to check out the photo gallery via the thumbnail, you are met with a message advising you to "Unlock your iPhone to see all of your photos and videos.” Secure? Let’s put it to the test.
In a change from the usual rigmarole of bugs only affecting a fraction of users, this one is testable, and if you own an iPhone, you too can see right now just how fragile your smartphone’s security is. Before you frantically delete those private snaps of yourself and that supermodel, it’s important to consider that it only occurs if the clock is turned back, so unless you travel between time zones frequently or, like me (regrettably) change the time in order to unlock the supercar on DrawRace 2 more than once per hour, then you could end up in a spot of bother.
To test, tap the Settings icon on your SpringBoard and change the date to some time in the past. If you lock your device, you will still be able to see all photos taken since that date via the quick launch camera button – passcode or no passcode.
Aside from the aforementioned, there are numerous glitches and sync issues which could cause the date to be out of joint with reality, and as Barkah correctly points out:
Apple should not rely on a simple time stamp to restrict image access . . . Changing the iPhone’s clock–[forward or backward]–should not affect its security. We can’t guarantee the clock will always monotonically [move] forward, and when it doesn’t, the system should fail-secure.
If you lock your device with some form of number/letter combo, there’s a good chance you don’t want prying eyes browsing through your photos, so it is of paramount importance that the fruit company amends this glaring flaw rather swiftly in the next iOS 5 revision.