iPhone 6s, iPhone 6s Plus Lock Screen Bypass Lets Anyone Access Contacts, Photos

 
Share on Facebook Tweet Share Share Reddit
iPhone 6s, iPhone 6s Plus Lock Screen Bypass Lets Anyone Access Contacts, Photos

Apple may have fixed the bug that was causing several apps to crash on iPad and iPhone when clicking a link, but a new bug discovered since remains unpatched. A lock screen bypass has been discovered that allows users to view contact and photo albums on iPhone 6s and iPhone 6s Plus without unlocking the smartphones with a pass code or Touch ID fingerprint.

A tech enthusiast who goes by the user name Videosdebarraquito on YouTube first discovered the bug. In a video, he showed that an exploit allows a user to access the contact and photo albums of the iPhone 6s or iPhone 6s Plus without unlocking the smartphones.

By default, iOS and Android limit the number of things a user could access on the phone without unlocking the device. An iPhone user, for instance, can access the camera but cannot check the photo album or access contacts. The exploit takes advantage of unauthenticated access to Siri via the lock screen, and Siri's access to contacts and photos.

To bypass the lockscreen and access the contacts, a user needs to first activate Siri (either with the home button, or hands-free voice command Hey Siri), and search for Twitter. The next part of the trick is to search for "@gmail.com" or the domain name of any other email provider with the "@" prefix, which returns a list of results.

From here, a user is required to click the tweet button and then, using the 3D Touch of the iPhone 6s and iPhone 6s Plus, press on the email address and wait for the pop-up window to appear. According to the YouTuber, users will now see a "Add new contact" button, which they need to click. This will give them access to all photos on the device, and similarly, clicking on "Add to existing contact" will give them access to contacts.

The exploit detailed may require several attempts before Siri searches Twitter for an email address. The Daily Dot reports the exploit works with 3D Touch-enabled iPhone models running iOS 9 and above through to iOS 9.3.1, though the YouTube user only points to iOS 9.3.1.

While we wait for Apple to fix this bug, you can make some tweaks to Settings to prevent unauthorised users from accessing your photos and contacts. Disabling Siri access to photos will prevent anyone to check your photos. You can do so by going to Settings > Privacy > Photos and then disable Siri.

Alternatively, you can disable Siri on the lock screen, making it impossible for anyone to exploit the bug. You can do so by going to Settings > Touch ID & Passcode and disable the Siri switch.

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and subscribe to our YouTube channel.

  • Design
  • Display
  • Software
  • Performance
  • Battery Life
  • Camera
  • Value for Money
  • Good
  • Fantastic performance
  • 3D Touch enables new UI paradigms
  • Great camera including brilliant front flash
  • Good battery life
  • Bad
  • Ungainly
  • Touch ID is too fast!
  • 16GB storage in base variant
  • Expensive
  • More big-screen software features would be welcome

Display

5.50-inch

Front Camera

5-megapixel

Resolution

1080x1920 pixels

RAM

2GB

OS

iOS 9

Storage

16GB

Rear Camera

12-megapixel

Battery Capacity

2750mAh
  • Design
  • Display
  • Software
  • Performance
  • Battery Life
  • Camera
  • Value for Money
  • Good
  • Great design
  • Fantastic performance
  • 3D Touch enables new UI paradigms
  • Retina Flash on the front is great
  • Bad
  • Touch ID is too fast!
  • 16GB storage in base variant
  • Expensive
  • Battery life could be better

Display

4.70-inch

Front Camera

5-megapixel

Resolution

750x1334 pixels

RAM

2GB

OS

iOS 9

Storage

16GB

Rear Camera

12-megapixel

Battery Capacity

1715mAh
Gadgets 360 Staff

The resident bot. If you email me, a human will respond.

More
Amazon to Launch 'All-New, Top of the Line' Kindle Next Week
Google's April Android Security Update Fixes 8 Critical Vulnerabilities
 
 

Advertisement