A new potential security flaw has been found in a newly released version of the software that powers the iPhone, according to a new video that has cropped up on YouTube.
Apple’s recently released iOS 6.1.3 was pushed out to the end user with a list of big fixes that included the one that was intended to eradicate a security flaw which allowed malicious users to bypass an iOS device’s lock screen, gaining access to personal data. While not the only fix present, it was no doubt high on Apple’s priorities, especially in a world where the iPhone is growing its presence in the business world.
With that in mind, it’s potentially even more surprising and perhaps damaging that this very update has managed to introduce its own security problems, again making it possible to bypass a security PIN that is supposed to stop people from unauthorized access to your data. Alarming stuff indeed.
Shown off by YouTube user VideosdeBarraquito, the video embedded shows the steps required to gain access to not just the phone’s list of contacts, but also its camera roll and other photos present on the device. Considering photos can be some of the most sensitive data we have on our smartphones, this is certainly an issue that Apple will need to address.
Gaining access is as simple as using a phone’s voice calling feature and then popping the SIM card out at the right time. This will cause the call to fail and the iOS Phone app to load. From here, users can edit and add contacts, and in the process gain access to photos, too. It’s all a bit worrying, especially if you rely on your iPhone to be as secure as possible.
So if you have a device running 6.1.3 with Siri disabled, and Voice Control activated, you will be affected by this. A temporary workaround for this is to enable Siri on newer devices, or disable Voice Dial feature found under Settings –> General –> Passcode.
We’re expecting Apple to be working on iOS 6.1.4 right now, but doubt the iPhone maker will push the update out if this is the only fix. For now, the only way to ensure security is to disable that voice calling feature altogether, which whilst not exactly ideal, is certainly better than having supposedly secure data be accessible to anyone with a paperclip!
Here’s to hoping that Apple patches this issue as soon as possible, no one wants their data to be a free-for-all affair.