Home News Lockscreen Bypass Exploit Found in iOS 13

Lockscreen Bypass Exploit Found in iOS 13

Sep 16, 2019
SHARE

With iOS 13 slated to be released this week, news is coming out that researchers have found a security flaw in the lockscreen. This security flaw will allow someone to bypass the lockscreen completely, which means they can get into your contacts. We have all of the latest information about the security flaw, so keep reading to learn more.

Lockscreen Bypass Flaw Found in Gold Master Version of iOS 13

The researchers had first discovered this security flaw about two months ago and had reported this flaw to Apple. Even though it was reported months ago, it still appears to be a live exploit on the Gold Master version, which is the version that will be released publicly this week. The person who found this exploit is Jose Rodriguez, and he also found the exploit in iOS 12.1.

What Rodriguez said is that the technique used in the lockscreen bypass back on iOS 12.1 is similar to the way the lockscreen bypass works in iOS 13. Essentially, you will need to start up a FaceTime call and then use the voiceover feature that is found within Siri. All you do from there is enable the contacts to be accessed and from there you can get a lot of information. This will allow you to see addresses, phone numbers, email addresses, and much more from those contacts.

It’s No Surprise that iOS 13 Lockscreen Bypass is Found

We’re not surprised that a new lockscreen bypass exploit has been found on the Gold Master copy of iOS 13. The good news is that the beta copy of iOS 13.1 seems to have fixed this exploit, but it will be a couple weeks before we get this beta update. The iOS 13.1 beta version is scheduled to be released on September 30.

We’re more surprised that Apple chose to not include the fix for this in the main iOS 13 release and instead will wait until the iOS 13.1 beta. Apple knew about this issue a couple months ago, which is plenty of time to get the issue fixed in the Gold Master version.

The lockscreen bypass only will work if you have the actual iPhone with you since you need to make the FaceTime call and also enable the voiceover option in Siri. This is good news because it means you need the physical phone to bypass the lockscreen as opposed to this being a remote attack.

Lockscreen Bypass Bugs Have Long Been an Issue for Apple Well Before iOS 13

The lockscreen bypass bug has been a long-standing issue when it comes to new Apple operating systems. It started well before iOS 13 and likely will continue way after iOS 13 too. The first time this exploit was found was way back on iOS 6.1, which was about six-years ago. With that attack, someone could gain access to photos, contact information, and phone records. There was also an issue in iOS 7, a similar issue in iOS 8.1, and another similar issue in iOS 12.1.

We want to know in the comments below what you think about this issue. Do you think Apple is doing enough to try to fix the lockscreen bypass issues going on with the iOS versions? Are you shocked that Apple didn’t fix the issue in the main iOS 13 release after being told about it? Will you be downloading iOS 13 this week or are you going to wait until iOS 13.1 is released in a couple weeks? Tell us your thoughts on iOS 13 and what features you’re excited to try in this new operating system.