Apple's security in its iDevices is one of the biggest USPs, but there have been a few occasions when the security of iPhones' walled-garden of iOS has brought into question. After Google's report created an iPhone hack scare and Apple slammed the web giant for exaggerating the claims, a new report suggests the latest iOS 13 has a security flaw that can be used to partially bypass iPhone's lock screen.
Apple will be releasing its iOS 13 to its iPhone users this week and the security flaw discovered by a security researcher Jose Rodriguez appears to still be working with Gold Master (GM) version of iOS 13. According to The Verge, Rodriguez reported the vulnerability to Apple on July 17 and a fix is not too far off.
What is the iOS 13 security flaw?
As per a video shared by Rodriguez, a simple technique of accessing the voiceover feature from Siri during a FaceTime call can grant access to the contact list. This trick can further allow access to email addresses, phone numbers, addresses and more information stored under a contact's name. The minor loophole doesn't allow access to Photos or any other confidential information stored on an iPhone.
While most users might not see this as an imminent threat and not to mention the added steps simply to access contacts, it is still a flaw that Apple needs to fix. Sadly, iOS 13 will not be released with the patch, but Rodriguez found that beta copies of iOS 13.1 have no sign of the lock-screen bypass flaw. Apple is expected to release iOS 13.1 on September 30.
Déjà vu?
Sadly enough, this is not the first time we are hearing of such a bug in iOS. To recall, a similar loophole in the iOS 6.1 version in 2013 allowed hackers to access much more than contacts. Anyone with physical access to a locked iPhone could retrieve phone records, contacts and even photos by trying to create a contact while placing an emergency call.
When Apple released the iOS 7 update, no one had thought the recurrence of the bug, but it came back stronger. Using another trick in the Control Center, iOS 7 bug allowed access to user's photos, emails, texts, Facebook, Twitter and Flickr accounts on a locked iPhone. Rodriguez had tipped off The Verge of the security flaw in iOS 7 back then.
More recently, iOS 12.1 update was tricked into giving away contact information bypassing the lock-screen on an iPhone during a FaceTime call. Apple eventually fixed all the bugs, but not before they were reported by security researchers.
To see the latest iOS 13 security flaw in action, check out the video below: