Apple's new operating system iOS 9.0 was released on 16 September. The company was on a high after reports emerged that iOS 9 adoption rate breached 50% in just a week.
However, sadly it turned out to be a PR nightmare for Apple as scores of users complained of their iDevices hanging midway during the installation.
That's not all. The new firmware had some bugs in it causing less responsive display, sudden crashing of device and some sluggishness in phone's animation features. To that Apple on Thursday (24 September) rolled out security patch iOS v9.0.1 to iDevices.
However, a new security hole has been unearthed in iOS 9.0, which if left unchecked might leave iPhones vulnerable to hackers getting access to contacts and photos on the device.
This security flaw was first escalated by a Googler, who goes by moniker videosdebarraquito. He published a video detailing the hacking technique on 19 September to get the attention from Apple.
He showed that any locked iPhone can be unlocked by a little trick that can be mastered even by a commoner. One just has to type the wrong pass-code four times and on the fifth attempt, after putting in three digits, long press the home button to activate Siri (digital voice-attempt) while you type fourth digit and ask Siri what time it is.
Once you get the written reply on the screen, tap the message. You will get to access to set clock, there you will find '+' in the top right corner. Upon clicking it, users will be directed to choose time-zone with a search bar. There you can type some words and initiate copy and paste option and immediately user gets a pop-up menu with share option. This apparently leads to message app giving away access to contacts and also the photos to share.
Check-out the video detailing Apple iPhone lock-screen passcode bypass hacking technique:
It was widely believed that Apple might have taken notice of the YouTube video and deploy a patch in the new iOS 9.0.1, but it's not the case as this threat still exists.
The new official software patch iOS 9.1 is at least two months away. This lockscreen passcode bypass security loophole is huge. It is imperative for Apple to release software patch before iOS 9.1 update.
Until the company releases the update, users can contain this threat by doing some tweaking in the settings. Here's how one can curb the Lockscreen Passcode bypass threat.
Go to Settings >> Touch ID & Passcode >> Siri >> turn off
For those Apple devices without Touch ID, go to Settings >> Passcode >> Siri >> turn-off.
With Siri turned off, hackers will not be able to unlock the iPhone without the right password. If the user fails to type correct numbers in five attempts, iPhone will automatically get locked for one minute and he/she will have to go through the same process again and again until the right number combination is typed.