Home / Lifestyle / Mobile / Apple / Hacker discovers iPhone passcode bypass in iOS 12

Hacker discovers iPhone passcode bypass in iOS 12

After introducing its proprietary facial recognition technology in its previous generation iPhone X, Apple still touts security as a flagship feature in the iPhone XS series. Unfortunately, the latest version of iOS 12 has reportedly given way to another ‘passcode bypass’, making it possible to access the photos and contacts of a device without submitting a password.

Security researcher Jose Rodriguez showcased the workaround on his YouTube channel, stating that while he is using an iPhone XS Max to perform the trick, any device running iOS 12, and the iOS 12.1 beta is at risk. Fortunately, it seems as though the technique doesn’t work with Face ID enabled, and takes quite a bit of time and perfection to execute.

The method begins by prompting Apple’s voice assistant, Siri, to enable Voiceover. A second device is needed to make a call to the victim handset. The attacker then needs to open the messages menu on the original device while it's calling, before sending a text from the second smartphone. Although a blank white screen is displayed, the perpetrator is then able to navigate the underlying menu by using Voiceover to know what they're accessing.

Those unwilling to utilise Apple’s Face ID are in luck, as there is a simple setting that will prevent this circumvention from working. Simply revoke Siri’s lock screen access by going into the device’s Settings and navigating to Face ID & Passcode, notes Naked Security.

This isn’t the first time that Apple has seen its security bested, or a passcode bypass enacted, however this is distinctly more complicated than previous flaws. Apple has yet to address the matter, but it’s unlikely to exist for too much longer.

KitGuru Says: While it’s not ideal for a £1000 smartphone, it doesn’t seem like there’s anything to truly worry about with this security flaw. It’s still worth patching out in a timely manner, particularly those carrying sensitive data.  

Become a Patron!

Check Also

Fortnite iOS

40% of iOS Fortnite players are using Epic’s payment system

Since Fortnite was added back to the iOS App store, more than 10 million players have downloaded the game – 40% of which are using Epic’s payment system.

We've noticed that you are using an ad blocker.

Thank you for visiting KitGuru. Our news and reviews teams work hard to bring you the latest stories and finest, in-depth analysis.

We want to be as informative as possible – and to help our readers make the best buying decisions. The mechanism we use to run our business and pay some of the best journalists in the world, is advertising.

If you want to support KitGuru, then please add www.kitguru.net to your ad blocking whitelist or disable your adblocking software. It really makes a difference and allows us to continue creating the kind of content you really want to read.

It is important you know that we don’t run pop ups, pop unders, audio ads, code tracking ads or anything else that would interfere with the KitGuru experience. Adblockers can actually block some of our free content, such as galleries!