While proving the SoFlo iPhone unlocking hoax, we stumbled upon a security bug in iOS 9.2.1. This security bug can be used to bypass the iOS device’s passcode or Touch ID. But it has to be done in a very specific way.
How To Exploit This Bug In iOS
Here is how you can exploit the bug in iOS 9.2.1 to gain access to every photo, video and contact stored in the iOS device, whether it is an iPhone, an iPad or an iPod touch.
- Log into the iOS device using the passcode / Touch ID.
- Open the Clock app and go to World Clock, and add a new Clock.
- Type a random word in the Search bar.
- Select the random word and tap to Share as a Message.
- Once the New Message screen opens, turn off the iOS device.
- Call Siri (without logging in using Touch ID / passcode) and ask for the time
- Click on the Clock after Siri tells you the time.
- Siri will not open up the World Clock, but will take you straight into New Message.
- Now add a random word to “To:” bar, and press Return.
- Double tap on the random word (now green in colour). It will bring you to the Info screen.
- Tap on Create New Contact.
- Tap on Add Photo. This will allow you to access the Photos app and EVERY photo and video in the iOS device.
- You can also tap on Add to Existing Contact to access the entire Contact List.
Don’t Worry… Too Much
As you can tell by now, this security bug is very hard for a hacker to exploit. It requires prior access to the iOS device to “set up” the exploit.
The hacker will have to trick the owner into granting access to the iOS device. Then the hacker can follow the steps above up to no. 5. This will allow the hacker to exploit the bug (at a later time) to gain access to the iOS device’s photos, videos and contacts.
While this is a remote possibility, we nevertheless reported the security bug to Apple :
We then tested to see if the exploit would work on iOS 9.3 beta, and discovered something interesting.
It appears that Apple finally decided that it was superfluous to offer a Share option in the Clock app. How is that functionality useful to the user? It’s practically useless. So they removed the Share option completely.
In other words, even if you are logged into the iOS device, you can no longer go to the Clock app, key in a random word and Share it. The option is gone. As far as we can tell, it was gone as early as iOS 9.3 beta 5. We confirmed this in iOS 9.3 beta 6 as well (naturally).
So don’t worry too much. The coming iOS 9.3 update will fix this security bug in iOS 9.2.1 once and for all. In the meantime, just be careful who you lend your iOS device to!
Support Tech ARP!
If you like our work, you can help support our work by visiting our sponsors, participate in the Tech ARP Forums, or even donate to our fund. Any help you can render is greatly appreciated!