Latest iOS 7 bug allows calls to be made from a locked iPhone

Latest iOS 7 bug allows calls to be made from a locked iPhone

Yes, it is an emergency.

An iOS 7 user has discovered a worrying security flaw within the software, which enables calls to be made while the iPhone is locked.

The flaw can be exploited using the emergency call screen that can be accessed from the lock screen. Once the phone's keypad is open, any number can be dialled by repeatedly tapping the call button.

In a video shot by iPhone users Karam Daoud and passed onto Forbes, tapping the call button numberous times causes the screen to go black and the Apple logo to appear.

After that, the call to any number, including international and premium phone numbers is completed as if the phone were unlocked.

Any number, any time

"Once the black screen appeared, it was pretty clear that this is a bug," says Daoud from Ramallah in Palestinian. "You can dial a number anywhere, any time."

He also claims to have repeated the trick on older iPhones running older versions of iOS and enjoyed further success, so it appears the problem is not confined to iOS 7.

The bug is the second security flaw uncovered within iOS 7 since its release in midweek. The first lockscreen vulnerability allowed access to the device's photos and email. However, that required a much more complex combinations of presses and swipes.

Apple says it is working on a fix for the first issue, but is yet to comment on the more recent discovery.


Source : techradar[dot]com

iPhone 5S Touch ID tech is no joke, says comedian-turned-politician

iPhone 5S Touch ID tech is no joke, says comedian-turned-politician

Franken wants assurances over Touch ID sensor

The new Touch ID fingerprint sensor within the iPhone 5S handset has come under fire from a prominent U.S. politician, who has expressed concern the data could be used to 'impersonate a person for life.'

Senator Al Franken, a former comedian who is chairman of the Senate Judiciary Subcommittee on Privacy, Technology and the Law, wants assurances from Apple regarding how the prints will be safeguarded.

In an open letter to Apple CEO Tim Cook, the representative for Minnesota pointed out that passwords can be changed infinitely, but once thieves get hold of our prints, it's the end of the road.

He wrote: "Passwords are secret and dynamic; fingerprints are public and permanent. If you don't tell anyone your password, no one will know what it is. If someone hacks your password, you can change it -- as many times as you want. You can't change your fingerprints. You have only ten of them. And you leave them on everything you touch; they are definitely not a secret. What's more, a password doesn't uniquely identify its owner -- a fingerprint does. Let me put it this way: if hackers get a hold of your thumbprint, they could use it to identify and impersonate you for the rest of your life."

Can it be extracted?

Apple has assured that the fingerprint data will never leave the iPhone 5S and will never be stored on the company's servers or uploaded to iCloud.

Third party developers have also been shut-out from using the tech at this stage.

However, despite conceding that Apple has probably implemented this tech responsibly, Franken wants to know whether its possible to extract the fingerprint data from the device itself.

In one of a number of questions within the letter he asked: "Is it possible to extract and obtain fingerprint data from an iPhone? If so, can this be done remotely, or with physical access to the device?"


Source : techradar[dot]com

It's free
archive