iOS 6.1 Bug Enables Bypassing Passcode Lock to Access Phone and Contacts
Yesterday, Jailbreak Nation highlighted a bug with iOS 6.1 that allows users to bypass a passcode lock on an iPhone to access the phone function and contacts on the device. While the bug allows only limited access to the device and can require several attempts to achieve the correct timing to exploit, it is gaining significant attention today.
1. Lock device
2. Slide to unlock
3. Tap emergency call
4. Hold sleep button until the power down prompt shows. Click cancel, you will notice the status bar turn blue. Type in 911 or your emergency number and click call then cancel it asap so the call dosen’t go through.
5. Lock your device with the sleep button then turn it on using the home button.
6. Slide to unlock then hold the sleep button and in 3 seconds tap emergency call. This will spazz out the phone and cause it to open.
[Make sure to continuously hold the sleep button until you are done looking in the phone]
MacRumors encourages users to refrain from experimenting with the technique, as emergency calls that are not canceled soon enough may go through to operators.
The issue does appear to have been present in earlier versions of iOS as well, as Gizmodo points to a YouTube video posted in late January claiming that the method also works on iOS 6.0.1 and 6.0.2.
Similar bugs have appeared in previous versions of iOS, and Apple has generally moved fairly quickly to incorporate fixes into subsequent software updates once it becomes aware of the issues.
Update: One MacRumors reader notes that the technique does not appear to work if the user has turned off the "simple passcode" option to allow for more complex passcodes.
Update 2: AllThingsD notes that while Apple has yet to make an official comment on the issue, "sources close to the company say it is hard at work on a fix."
Update 3: AllThingsD has now updated its report with a response from Apple.
“Apple takes user security very seriously” spokeswoman Trudy Muller told AllThingsD. “We are aware of this issue, and will deliver a fix in a future software update.”