A series of YouTube videos are pointing out a flaw that could allow users to access photos on an iPhone without entering in a passcode. This requires physical access to the device, and Siri on the lock screen needs to be enabled.
The process is also fairly convoluted. Although one Gizmodo staffer was able to make this work on an iPhone 6, I was not able to reproduce the bug on an iPhone 6S, an iPhone 7 Plus, or an iPad Pro. However, the YouTube channel iDeviceHelp posted this video earlier this week walks through all the steps, and sure enough, it looks like they’re able to break into the phone.
First, you need to call the phone you want to gain access to. If you don’t know the number, you can ask Siri “Who am I?” to get it. (A FaceTime call will work as well.) Then, from the incoming call screen, choose the “Message” option and choose “Custom.” That opens up a screen to reply to the call with a message.
From here, you need to enable Voice Over mode, by invoking Siri and saying, “Turn on Voice Over.” This will enable an accessibility feature that will read out items on the screen.
This is where it gets really tricky. Then, you need to double tap on the recipient filed on the message (the name), while also tapping on a random key on the keyboard. This should open up a “to” field on the SMS that will then let you search through contacts already on the phone. (You’ll know you’ve gotten the bug to work when you see the tools pop up next to the compose message box.)
At this point, you’ve already broken into the phone to a certain degree, because you can see all of the contacts. Pressing on an “i” icon next to a contact should show details about the contact, which will then allow the user to create a new contact. This is where the exploit becomes really useful. Tapping on the new contact button, a user can opt to add in a photo and doing that will allow access to all the photos on a camera roll. This basically means a skilled person could browse all of your photos without you knowing.
Tricks that let hackers bypass any iPhone’s lockscreen are hardly new, and they typically take a little bit of skill and luck. And although the iDeviceHelp video and others like it are cropping up all over YouTube, it’s always safe to remain sceptical about how dangerous these tricks might be. As far as bugs go, this one feels fairly innocuous since it requires prolonged physical access to a device. And although you can access photos, actually doing anything with that data is a different story.
iDeviceHelp says it submitted the bug to Apple and we expect this sort of thing will probably be fixed in a few days. But if you’re ultra paranoid, just disable Siri from the lock screen. [Bleeping Computer]