iOS 7 Lock Screen Vulnerability Gives Access to Photos, Email

There appears to be a lock screen vulnerability in iOS 7 that allows access to a device’s photos, email, and social networking accounts. According to Jose Rodriguez, who provided a video of the bug to Forbes, a simple set of gestures gives unwarranted access to a device running iOS 7.

The exploit can be initiated by swiping upwards on the device's lock screen to access the Control Center and open the Clock app. Once the clock app is open, holding the phone's sleep button will cause the "Slide to Power Off" option to appear. Tapping on cancel at this juncture and then double clicking on the home button will open the phone's multitasking screen, providing access to the camera and the photos on the device. The key to the trick, however, is to access the camera app from the lock screen first, causing it to appear in the recently used apps list.

Because the photos from the camera app can be shared via Flickr, Twitter, Facebook, and email, an intruder can also gain access to those apps using the sharing tools.

I tested the technique on an iPhone 5 running iOS 7, and it worked. Rodriguez’s video shows it working on an iPad, too. It’s not yet clear if the same exploit can bypass the lockscreen of an iPhone 5s or 5c, but Rodriguez tells me he believes it will. I’ve reached out to Apple for comment and I’ll update this post if I hear from the company.

Apple has been plagued by lock screen vulnerabilities multiple times over the course of the year, with a bug appearing in iOS 6.1 that allowed lock screen access to the phone when the emergency call function was manipulated.

The current iOS 7 vulnerability can be avoided by preventing the Control Center from appearing on the lock screen. The setting can be turned on by opening the Settings app, selecting "Access on Lock Screen" and toggling it off.

Update: Apple has told AllThingsD that it is working on a fix.

"Apple takes user security very seriously," Apple spokeswoman Trudy Muller told AllThingsD. "We are aware of this issue, and will deliver a fix in a future software update."

Top Rated Comments

stephen1108 Avatar
137 months ago
I've always wondered how people stumble upon these vulnerabilities, then turn around and are even able to recreate them.
Score: 31 Votes (Like | Disagree)
AppleMark Avatar
137 months ago
Here we go again....

One of the reasons I wait a week or two before upgrading.
Score: 14 Votes (Like | Disagree)
RedRaven571 Avatar
137 months ago
ive been trying to get this to happen, cant make it work on my 5.

That's because you forgot to put your left index finger in your right ear....:confused:
Score: 12 Votes (Like | Disagree)
notjustjay Avatar
137 months ago
I've always wondered how people stumble upon these vulnerabilities, then turn around and are even able to recreate them.

Often just by playing around. Sometimes playing around leads to one thing which causes you to realize "Wait, what if I do this too?" and, whoops, you've stumbled on a path that nobody ever expected.

Then you realize you're in the "bad" state (I can see photos and I'm not supposed to be able to!) and the next step is to try to recreate the actions that got you there, until you distill it down to exactly what the problem is.

Then you file a problem report to the software guys and they can fix it...

Locking down software is kind of like locking down a physical room. It's easy to set up the obvious stuff -- put locks on the doors and windows -- but then you have to start thinking about the more far-fetched scenarios. What if you gained access to the boiler room, then snuck up through the ceiling tile? What if someone manages to find the spare key to the lock that you left in the bedroom? Thorough testing, and/or reports from accidental discoveries like this, are what's needed to plug up all the holes.

Do people have nothing better to do than to try and find ways to break iOS?

No software is perfect. Don't you want them to find the flaws so they can be fixed quickly?
Score: 9 Votes (Like | Disagree)
aircanman Avatar
137 months ago
Do people have nothing better to do than to try and find ways to break iOS?
Score: 9 Votes (Like | Disagree)
DavidLeblond Avatar
137 months ago
Mine still says up to date..... Is that a 5?
7.0.1 is 5S and 5C only. That picture is clearly a 5S. Look at the home button.
Score: 8 Votes (Like | Disagree)

Popular Stories

reset password request iphone

Warning: Apple Users Targeted in Phishing Attack Involving Rapid Password Reset Requests

Tuesday March 26, 2024 4:34 pm PDT by
Phishing attacks taking advantage of Apple's password reset feature have become increasingly common, according to a report from KrebsOnSecurity. Multiple Apple users have been targeted in an attack that bombards them with an endless stream of notifications or multi-factor authentication (MFA) messages in an attempt to cause panic so they'll respond favorably to social engineering. An...
iPhone Home Screen Gradient Blank Spaces 1

Sources: iOS 18 Lets Apps Be Placed Anywhere on Home Screen Grid

Sunday March 24, 2024 1:33 pm PDT by
iOS 18 will give iPhone users greater control over Home Screen app icon arrangement, according to sources familiar with the matter. While app icons will likely remain locked to an invisible grid system on the Home Screen, to ensure there is some uniformity, our sources say that users will be able to arrange icons more freely on iOS 18. For example, we expect that the update will introduce...
Generic iOS 18 Feature Purple

iOS 18: What to Expect From 'Biggest' Update in iPhone's History

Wednesday March 27, 2024 11:10 am PDT by
At least some Apple software engineers continue to believe that iOS 18 will be the "biggest" update in the iPhone's history, according to Bloomberg's Mark Gurman. Below, we recap rumored features and changes for the iPhone. "The iOS 18 update is expected to be the most ambitious overhaul of the iPhone's software in its history, according to people working on the upgrade," wrote Gurman, in a r...
maxresdefault

Apple Announces WWDC 2024 Event for June 10 to 14

Tuesday March 26, 2024 10:02 am PDT by
Apple today announced that its 35th annual Worldwide Developers Conference is set to take place from Monday, June 10 to Friday, June 14. As with WWDC events since 2020, WWDC 2024 will be an online event that is open to all developers at no cost. Subscribe to the MacRumors YouTube channel for more videos. WWDC 2024 will include online sessions and labs so that developers can learn about new...
apple maps 3d feature

Apple Maps May Gain Custom Routes With iOS 18

Tuesday March 26, 2024 3:10 pm PDT by
Apple may be planning to add support for "custom routes" in Apple Maps in iOS 18, according to code reviewed by MacRumors. Apple Maps does not currently offer a way to input self-selected routes, with Maps users limited to Apple's pre-selected options, but that may change in iOS 18. Apple has pushed an iOS 18 file to its maps backend labeled "CustomRouteCreation." While not much is revealed...
iPad Pro 2024 Landscape Camera Feature

New iPad Pro Again Rumored to Feature Landscape Front-Facing Camera

Monday March 25, 2024 5:43 am PDT by
The next-generation iPad Pro will feature a landscape-oriented front-facing camera for the first time, according to the Apple leaker known as "Instant Digital." Instant Digital reiterated the design change earlier today on Weibo with a simple accompanying 2D image. The post reveals that the entire TrueDepth camera array will move to the right side of the device, while the microphone will...
sonoma desktop wwdc

Apple Releases macOS Sonoma 14.4.1 With Fix for USB Hub Bug

Monday March 25, 2024 10:10 am PDT by
Apple today released macOS Sonoma 14.4.1, a minor update for the macOS Sonoma operating system that launched last September. macOS Sonoma 14.4.1 comes three weeks after macOS Sonoma 14.4. The ‌‌‌‌macOS Sonoma‌‌ 14.4‌.1 update can be downloaded for free on all eligible Macs using the Software Update section of System Settings. There's also a macOS 13.6.6 release for those who...