back to article iOS 6.x hack allows personal data export, free calls

Hackers can access iPhones running iOS 6.x without passcodes, and will then be able to access and export the address book, send emails and make phone calls. Jailbreak Nation has discovered the method for doing so and The Reg can confirm the method works after a sequence of swipes and key presses. It worked for us on an iPhone …

COMMENTS

This topic is closed for new posts.
  1. Winkypop Silver badge
    Trollface

    "a sequence of swipes and key presses"

    That's probably already patented!

    1. Anonymous Coward
      Anonymous Coward

      Re: "a sequence of swipes and key presses"

      There appears to be a join in the video just before the guy gets access to the phone.....

      Is it April 1st?

      1. Zaphod.Beeblebrox
        Thumb Down

        Re: "a sequence of swipes and key presses"

        Nope, it is indeed February 15th. Were there any doubt, this quote from the article should help dispel it: "It worked for us on an iPhone 5 running iOS 6.02, not just iOS 6.1 as Jailbreak Nation suggests."

    2. Bob Vistakin
      Facepalm

      You're securing it wrong

      Apple has responded: "Just don't secure it that way.

      You stupid little user."

  2. Jordan Davenport

    Seems like a race condition

    Depending on how the screen locker is coded, it could be as simple as tweaking a few lines to deploy a "fix" to buy more time to properly fix the thing. Given that the home button is effectively disabled, it seems as if the locking method is just interrupted while setting variables in the system.

  3. Anonymous Coward
    Pint

    iPhones don't really do this.

    The thieves are just holding them wrong.

    1. Velv
      Coat

      Re: iPhones don't really do this.

      Actually, judging by the video and instructions, it look like you need to hold it just right!

  4. CaptSmegHead
    Go

    Defects in an apple product ? ! -- commence the iSlagathon !!

  5. mIRCat
    Paris Hilton

    The rest of us will have to wait six months before we get this feature on our droids. Those iPhone kids have all the luck.

    Paris. Why not?

    1. Anonymous Coward
      Anonymous Coward

      You don't need it. Google already has all the access it needs..

  6. Darkwolf

    They say its a bug...

    back in my day, we called these backdoors.

    1. Anonymous Coward
      Anonymous Coward

      Re: They say its a bug...

      I beg to differ.

      Its a feature.

  7. Anonymous Coward
    Anonymous Coward

    "free calls" ≠ "run up a colossal phone bill"

    Glad to see El Reg isn't about to let quaint conventions like the facts impede the torrent of rabid sensationalism.

    This is obviously another very serious fuckup from Cupertino... there's NO NEED to misrepresent it.

    1. John Tserkezis

      Re: "free calls" ≠ "run up a colossal phone bill"

      If I pick up someone else's phone with iOS6, enter the correct keyswipes, and make calls THAT ARE FREE TO ME, then the calls are free.

      Which bit of that did you miss? No misrepresentation here.

      1. Anonymous Coward
        Anonymous Coward

        Re: "free calls" ≠ "run up a colossal phone bill"

        The bit where you have physical access to a £600 phone and you're worrying about the fact someone may run up a phone bill for a few quid.

        1. This post has been deleted by its author

        2. GBL Initialiser

          Re: "free calls" ≠ "run up a colossal phone bill"

          Whoops misread.

  8. This post has been deleted by its author

    1. frank ly

      Re: EPIC WINDOWS FAIL!

      You're suffering from Stockholm syndrome. Go and install Linux on an old laptop and you'll be fine.

  9. Anonymous Coward
    Anonymous Coward

    This isn't the first time...

    ...back in iOS4 there was another vuln allowing passcode bypass.

    Seriously Apple?

  10. jubtastic1
    Meh

    Note that Siri

    Gives you access to all this and more from the lock screen anyway, in fact it would be nice if the phone noticed Siri had been activated from the headset and that the phone was in a pocket so as not to activate the screen and allow accidental mute, speakerphone, FaceTime etc interruptions to calls.

  11. Downside
    Stop

    its not exactly very usable

    Thats quite an involved hack that requires you to hold the sleep button the whole time the device is cracked. Its not like the device is unlocked or 'day-to-day usable. I'd not get the SW team working the weekend on it if I was Tim Cook.

    If ppl want to sweat about security, the majority of front door locks in the EU are easily bypassed by crims, but I don't see Yale coming rounf my house with an urgent patch for snappable barrel locks.

    I'm just curious how the jailbreak kids found the 'unlock sequence' (if you can call it that).

    1. M Gale

      Re: its not exactly very usable

      Phones are often left out on coffee tables, desks and random bars (where they sometimes go missing, especially prototypes). Less so front doors.

      1. Adam 1

        Re: its not exactly very usable

        What are you on about? Front doors are frequently outside bars.

  12. HandleOfGod

    Cutting edge bugs

    This is why the tech on the Curiosity Rover is all old hat. Cutting edge tech will always experience problems and updates will always introduce bugs which get fixed by the next update which introduces new bugs and so on. That's just how it is, either live with it or get a boring old Nokia feature phone I guess!

    1. Annihilator
      Boffin

      Re: Cutting edge bugs

      Yeah that Sky Crane malarkey was positively pedestrian....

      There's a difference between "cutting edge" and "tested and built to extremes with redundancies" :-)

      Nokia phones have had their share of bugs too though.

      1. PaulR79

        Re: Cutting edge bugs

        "Nokia phones have had their share of bugs too though."

        Yup. I remember my old Nokia 6280 which had a firmware update that bricked the phone. It was a very common issue on the update but they didn't pull it.

    2. rcorrect

      Re: Cutting edge bugs

      What if we could make free calls and check Facebook from Curiosity Rover?

  13. El_Fev
    Thumb Up

    So let me get this straight...

    You have free class to the people in the address book? becuase unless this hck allows you to dial new numbers its useless, and the phone will be disabled anyway as soon as its reported missing anyway. Nice click bait artcle tho Mike Magee would be proud

    1. ratfox

      Just tested it on my phone: You get access to the phone app

      You can dial new numbers, listen to voicemails, see the contacts and the history.

      Interestingly, if a contact has a homepage defined, you can normally tap on it and open the browser; but that did not work while using this trick. I assume that you are in a special mode where the phone app works so that you can make emergency phone calls, but nothing else does…

      A word of caution: I tried making a phone call, but the results were strange. There was no way to hang up, because the normal buttons would not show up, even after I stopped holding the sleep button. It took me a while to bring it back to a normal state.

      1. Annihilator

        Re: Just tested it on my phone: You get access to the phone app

        I couldn't listen to the (visual) voicemails, but could dial any number I liked.

  14. Anonymous Coward
    Anonymous Coward

    Surprise

    Why is it that when we see the word "exploit" or the phrase "security problems/issues", the article is always about Microsoft.

    People need to give themselves a shake and stop using MS products!

    1. serendipity
      Thumb Down

      Re: Surprise

      AC? Eadon we know its you!

      1. Anonymous Coward
        Anonymous Coward

        Re: Surprise

        Bah! How did you guess? Did you know I'm Obviously! as well, apparently.....

  15. Anonymous Coward
    Anonymous Coward

    Surely if you have stolen someones phone with the intention of making free calls you could just pop the SIM out and into a different phone and start dialling? Most people do not have a SIM lock code I'd imagine.

    1. Anonymous Coward
      Anonymous Coward

      All my SIM card were protected by a code straight out of the box

      I assume in depend on what country you are in.

  16. Anonymous Coward
    Anonymous Coward

    just works

    Type your comment here - basic HTML allowed

  17. Electric sheep
    Trollface

    But the question I want answering is

    Who the hell finds these things out?

    How bored must you be to do all those actions to see if anything happens?

    1. Anonymous South African Coward Bronze badge
      Trollface

      Re: But the question I want answering is

      Most probably a bored Windows sysadmin, not having any work to do...

  18. JaitcH
    FAIL

    Just another undocumented feature that Apples engineering missed

    So where's the problem? Apple products aren't thoroughly tested, when a new version is issued the back-shop boys are busy working on the next version,

    Pity Apple doesn't test them during production, rather than in the field.

  19. Anonymous Coward
    Anonymous Coward

    I've increased the security of my iPhone...

    ...by simply carrying a large, nail studded club with me at all times. The nails go a little rusty after bathing, but I think this just adds to its overall effectiveness.

    1. Anonymous Coward
      Anonymous Coward

      Nice, all Apple need to do to make it patentable is add a way of attaching it to the device so they can add "on a mobile" to the application.

      Problem solved!

  20. Arachnoid

    I dont own an iPhone but Im wondering as the thief has access can they change the log in password and thus use the device normally?

    1. Fred Flintstone Gold badge

      No, this "hack" doesn't get you very far.

      That said, the problem with this hack is that it may provide a starting point for something that DOES cause harm. As we've seen with DeCSS, all it takes is a bored kid on a rainy Sunday afternoon to fully nuke a business model, so any starting point is bad news. Apple needs to fix this.

  21. Robert Forsyth

    Isn't just to allow emergency services

    to contact your loved ones, when you have been mugged for your iPhone, oh wait.

  22. Andy Johnson
    WTF?

    Not Just iPhone5 either..

    Works on an iPhone 4 running iOS 6.0.1

  23. Robin
    Happy

    Yay

    "IOS 6.X HACK ALLOWS PERSONAL DATA EXPORT, FREE CALLS"

    I just tried this on my phone and called some saucy chat lines, all for free. Thanks for the tip-off! This is doubly-awesome since I'm calling from abroad.

  24. asdf
    FAIL

    wow

    Glad I have held off upgrading my iPAD 2 to iOS 6 as the fail keeps coming (even this only affects iPhones). Well the good thing for the poor iPAD original buyers is the difficult decision to upgrade to iOS 6 was taken out of their hands by Apple themselves because of course they know better (and use forced obsolescence as their business model)

  25. El_Fev

    OK bit confused still please help me out..

    When your phone is stolen, don't you just ring up your provider and have the sim blocked, or am I missing something ? This is the most useless hack ever. THE PROBELM IS THEY HAVE THE FECKING PHONE, THATS WHAT SHOULD BE WORRYING YOU! Sweet Weeping Jesus!

  26. Anonymous Coward
    Anonymous Coward

    Those Apples are becoming rotten.

  27. Ilonka
    Pint

    CopyTrans Contacts saves the day - and I thought I was paranoid...

    Thank God I keep a save back up of my iPhone contacts and calendars on my computer. Hopefully with iOS 6.2.1, there isn't a similar exploit opportunity. One never knows. I prefer keeping a backup of my iphone contacts, notes, calendars and text messages using third party apps such as CopyTrans Contacts.

    I do not resort to sharing my iphone data even with Apple (i.e. iCloud is taboo for me) and I regularly delete data such as sms and notes from my iphone for privacy concerns. And I thought it was me who was paranoid...

This topic is closed for new posts.

Other stories you might like