iOS 7 Lock Screen Vulnerability Gives Access to Photos, Email

There appears to be a lock screen vulnerability in iOS 7 that allows access to a device’s photos, email, and social networking accounts. According to Jose Rodriguez, who provided a video of the bug to Forbes, a simple set of gestures gives unwarranted access to a device running iOS 7.

The exploit can be initiated by swiping upwards on the device’s lock screen to access the Control Center and open the Clock app. Once the clock app is open, holding the phone’s sleep button will cause the “Slide to Power Off” option to appear. Tapping on cancel at this juncture and then double clicking on the home button will open the phone’s multitasking screen, providing access to the camera and the photos on the device. The key to the trick, however, is to access the camera app from the lock screen first, causing it to appear in the recently used apps list.

Because the photos from the camera app can be shared via Flickr, Twitter, Facebook, and email, an intruder can also gain access to those apps using the sharing tools.

I tested the technique on an iPhone 5 running iOS 7, and it worked. Rodriguez’s video shows it working on an iPad, too. It’s not yet clear if the same exploit can bypass the lockscreen of an iPhone 5s or 5c, but Rodriguez tells me he believes it will. I’ve reached out to Apple for comment and I’ll update this post if I hear from the company.

Apple has been plagued by lock screen vulnerabilities multiple times over the course of the year, with a bug appearing in iOS 6.1 that allowed lock screen access to the phone when the emergency call function was manipulated.

The current iOS 7 vulnerability can be avoided by preventing the Control Center from appearing on the lock screen. The setting can be turned on by opening the Settings app, selecting “Access on Lock Screen” and toggling it off.

Update: Apple has told AllThingsD that it is working on a fix.

“Apple takes user security very seriously,” Apple spokeswoman Trudy Muller told AllThingsD. “We are aware of this issue, and will deliver a fix in a future software update.”


    



Related posts

Latest posts

Conflicting reports on the Galaxy S25 Slim have me worried

The Galaxy S25 Slim isn't expected to launch during next week's Galaxy Unpacked, but some reports say it isn't coming to the US market at all.

I might have found the answer to my Mac gaming problem

I’ve been thinking of ditching my Windows PC for macOS and I’m worried about gaming performance, but I think I might have just found the perfect solution.

Microsoft Outlook has a new ‘critical’ flaw that spreads malware easily

There is a bug in Microsoft out look that makes sending malware very easy by performing this common gesture when going through your emails.

I love this new Mail feature in iOS 18.2, but it still needs work

We need to talk about Apple Mail's new categories feature on iOS 18.2

Every phone needs to copy this 50W wireless charging feature

The OnePlus 13 features faster magnetic charging than any other smartphone out there, and other brands should take note.

The Netgear Nighthawk Wi-Fi 6E Router is only $280 on Amazon today

Treat your web-connected devices to fast, reliable, and secure Wi-Fi with the Netgear Nighthawk Wi-Fi 6E Router, now on sale for just $271!

Leaked Galaxy S25 series promo focuses on the handset’s new AI experiences

As we near the Galaxy S25 series launch, more leaked material surfaces.

ChatGPT moves in on Google again as ‘Scheduled Tasks’ enters beta

OpenAI detailed the start of its Scheduled Tasks test for ChatGPT users.

Best Buy wants to give you 100 bucks for buying the OnePlus 13R — here’s how it works

Buy the unlocked OnePlus 13R from Best Buy and you'll get a free $100 gift card, no strings attached!

Samsung’s apps might work closer with Gemini as several extensions leak

A leak suggested that Gemini will provide several new extensions specifically for Samsung's apps.