Easy iPhone Lockscreen Bypass Found in iOS 7

News
By Paul Wagenseil
published

The latest iPhone lockscreen bypass strings together Control Center, Airplane Mode and a missed-call notification to break into a device.

Yet another lockscreen bypass has been discovered in Apple's iOS 7. While this one only grants you access to the last app the iPhone's owner was using, it's easy to replicate and is more consistently successful than most iOS lockscreen bypasses.

As detailed by a young man named Daniel who posts videos to YouTube under the name EverythingApplePro, the bypass works by stringing together Control Center, Airplane Mode and a missed-call notification. We were able to replicate it several times on an iPhone 5s running iOS 7.1.1.

MORE: 10 Tips Every iPhone Owner Should Know

Control Center is a feature introduced in iOS 7 that lets the user control music playback, wireless connectivity, the camera and other often-used apps and settings from a single screen. By default, the user can access Control Center from the lockscreen without entering a passcode.

First, two preparatory steps: In Settings —> Control Center, make sure "Access on Lock Screen" is on. Then call the targeted iPhone and hang up before it answers.

Now that you've got the device primed, here's how someone could leverage Control Center to break into an iPhone.

  1. Press the power button to turn off the screen, or wait a few seconds until the screen goes dark.
  2. Press the power button to wake up the screen.
  3. Swipe up from the bottom of the screen to bring up Control Center.
  4. Turn on Airplane Mode by tapping the airliner icon on the top left of the Control Center interface.
  5. Swipe down to hide Control Center.
  6. Swipe down from the top of the screen to display the Notifications screen. (You still haven't unlocked the screen.)
  7. Tap the missed-call notification.

If you do all that within a couple of seconds, you'll find yourself facing the same app the user had open when the iPhone's screen was powered off — without having to type in the passcode.

If that app is Mail, you'll be able to read, send and delete messages from the user's account. If it's Settings, you can change many of the phone's settings. If it's Facebook or Twitter and the user is logged in — go to town.

You won't be able to access any other apps, as hitting the Home button takes you back to the lockscreen. But this is still a significant security hole.

Lockscreen bypasses for iOS are discovered pretty regularly — the previous one was disclosed just over a month ago — but they're often hit-or-miss, with several failed attempts before you can get through. This one worked every time, as long as the conditions were right and we executed the steps swiftly.

To make sure you don't fall victim to this vulnerability, simply disable Control Center access from the lockscreen.

A request for comment sent to Apple was not immediately returned.

Follow Paul Wagenseil at @snd_wagenseil. Follow Tom's Guide at @tomsguide, on Facebook and on Google+.

Paul Wagenseil
Paul Wagenseil

Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel discussion at the CEDIA home-technology conference. You can follow his rants on Twitter at @snd_wagenseil.