Apple last week released an iOS 7 software update fixing a security flaw that let users bypass the iPhone lockscreen to access a range of onboard information and online accounts.
IOS 7.0.2 seems to be mainly a security patch, but the update screen also says there is a new Greek alphabet keyboard option for entering a passcode.
A day after iOS 7 was released earlier this month, Forbes’ Andy Greenberg reported that a US soldier had somehow uncovered a rather complex series of actions that let him bypass the lockscreen, at least on existing iPhones that updated to the new firmware.
The actions involved swiping upwards on the lockscreen to bring up the iOS Control Center, then opening the alarm clock app, then holding down the power button to show the ‘power off’ and ‘cancel’ options, then tapping ‘cancel’ and finally quickly double-clicking the home button to bring up the multitasking screen for various apps.
According to Greenberg’s account, the user could then access the phone’s camera and stored photographs and, more importantly, the ability to share the photos via various associated accounts, and therefore access them: including email, Twitter, Facebook and Flickr.
by John Cox, Network World