Site icon The Mac Security Blog

Return of the Passcode Flaw in iOS 6.1.3

Just when you thought the passcode flaws in iOS 6.1 were fixed, another one rears its ugly head. The cavalcade of fun never ends! I imagine those folks who declined to update in order to keep their jailbreak are probably laughing smugly right now.

This explanation by ZDNet sums up the situation nicely. You need to have an iPhone with Voice Control enabled (and possibly Siri disabled) and a SIM card in order to be vulnerable to this flaw. The access is limited to the Camera Roll and Photo Stream, recent call logs, contacts, and voicemail boxes that are unprotected by a PIN code.

It’s a universal law of security that we repeat time and again: if someone gets physical access to your device, that device is no longer “yours,” especially if all that’s between you and your data is a simple numeric passcode. And as long as there is functionality that works despite your device being locked, there will continue to be flaws like these.

Share this: