Mobile

Blog archive
iphone hack

Security flaw opens locked iPhone

For the last few weeks there have been several videos showing up on YouTube demonstrating how one can access the phone functions of a supposedly locked iPhone. The first video apparently was posted on Jan. 31, with screens and voices in Spanish, though many others have since followed suit in a variety of other languages.

For agencies that have been adding iPhones to their enterprises, the good news is that the hack apparently doesn't give access to a phone's features other than voice calls and contact list, so files and applications should be safe. Nevertheless, contact lists could be exploited for a variety of purposes.

We won't go into the details of the hack here and certainly wouldn't post a direct link to such a video. However, it involves using the emergency call feature and a well-timed press of the power button to gain access to phone functions, including the victim's contact list. Some videos show a second phone that is used to take the control over the victim phone, but others only show the victim's phone, so the second phone doesn't appear to be necessary. The flaw affects the latest version on iOS, 6.1, as well as some earlier versions.

The original poster writes in the video description that you should use this "For prank your friends..." or "for a magic show..." The poster goes on to practically beg the viewer to "please... do not use this trick to do evil !!!" Unfortunately, some of the more than 350,000 people who have watched the video may do just that. But, as reckless as showing the exact method of performing this hack is, at least the video makers are doing the service of pointing out the problem.

Apple said it was working on the problem and would issue a fix in a future software update, CNN reported. Meanwhile, agency employees with iPhone would be wise to keep them close at hand.

Posted by Greg Crowe on Feb 15, 2013 at 9:39 AM


Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.