Exploit allows contacts, photos access on a locked iPhone 5

There's a way to gain access to a lot of private data on an iPhone 5 running iOS 6.1

There's a way to gain access to a lot of private data on an iPhone 5 running iOS 6.1, even when that phone is locked with a passcode. Reports about the exploit began circulating early Thursday, though the YouTube video with the method was actually posted at the end of January.

The hack requires a series of seemingly disconnected steps, and takes practice to pull off. Obviously, you're only at risk if your locked iPhone ends up in the hands of someone with knowledge of the trick. Once you use the method to bypass an iPhone's passcode, you gain access to the locked phone's contacts, voicemails, and photos.

To break past the passcode, you:

1. Slide to unlock the iPhone, and tap the Emergency Call button.

2. Press and hold the sleep/wake button until the Slide to Power Off screen appears, and then tap Cancel.

3. Dial an emergency number like 112, press the green button, and then immediately press Cancel.

4. Lock the iPhone with the sleep/wake button.

5. Wake up the phone again, and slide to get to the passcode screen again.

6. Press and hold the sleep/wake button for three seconds, and press the Emergency Call button just before the Slide to Power Off screen appears. Immediately press the Home button, and then release both buttons.

If it works--it took me several tries to get it right--you'll instantly find yourself staring at the locked iPhone's contacts. You can browse their data, edit them, or place calls. And by tapping to add a photo to a contact, you can browse through all the saved photos on the iPhone.

Apple spokesperson Trudy Muller told Macworld, "Apple takes user security very seriously. We are aware of this issue, and will deliver a fix in a future software update." This isn't the first time the iPhone's passcode has been broken, and Apple released a patch soon after that similar exploit gained attention, too.

Tags: Apple, consumer electronics, security, iPhone, smartphones, Exploits / vulnerabilities

Near field communication – the security risks

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]
Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

AVG Internet Security 2011 Business Edition

Ultimate protection for your small or medium-sized business

Latest Jobs
Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.