contador web Skip to content

Break in iOS 13 bypasses the lock screen and provides access to contact data

O iOS 13 It will be released on Thursday, but if you think Ma's new mobile operating system doesn't have (or featured) any "security holes", you might want to reconsider.

Unlike malware and spyware (which help hackers break into devices to collect user information), there is a more “brave” way to bypass iOS defense systems and access certain information from a device we have commented on a few times.

Once again, the Spanish hacker Jose Rodriguez pointed to a new flaw in iOS that makes it possible to access contact data from iPhones; This time, however, the problem hits the new version of the OS just about the time of its release to the general public.

The "technique" Rodriguez used to exploit the similar breach he demonstrated in the flaw involving iOS 12.1. As you can see on the video above, to bypass the iOS 13 lock screen and access contact data from an iPhone, I need that device to receive a call to access the Messaging app; From there, he "plays" with Siri to enable / disable the VoiceOver feature until he sees the contacts on the device.

By viewing the card of a particular contact, it is possible to obtain email addresses, address information in addition to one's own number. Both the AppleInsider how much The verge reproduced the above procedure and said that the verse Golden master (GM) of iOS 13 still has the flaw, but the problem seems to have been fixed in iOS 13.1, which is already in the third test version and will be released at the end of this month (30/9).

Although potentially invasive, successfully completing this process requires physical access to the iPhone and some time to complete all steps; In addition, an attacker must know your number / email address to be able to make a call (or a FaceTime call) to your device.

Still, if you have a flea behind your ear in situations like this, be aware that you can protect yourself against this type of intrusion by disabling Siri on the locked screen (Touch ID / Face ID and Siri Code settings), which makes it impossible for a person to turn on VoiceOver and so on.