Apple released iOS 7.0.2 on Thursday, and in its release notes, the company said it had fixed “bugs that could allow someone to bypass the lock screen passcode.” Unfortunately, it seems it didn’t fix all of them, because the update added another lock screen vulnerability of its own, which you can see in the video below.
In case you didn’t catch that and you want to try the trick out for yourself, here’s a step by step guide:
- Call another device you have nearby from a locked iPhone using Siri or voice control
- Tap the FaceTime button
- When the FaceTime app appears, hit the sleep/wake button
- Unlock the iPhone again
- Answer the call on the other device, then immediately end it
- After a few seconds, you’ll be taken to the Phone app
Now, there are some caveats to this trick. Firstly, you need two devices, and you cannot hit the home button to access other apps — the iPhone will just lock itself again if you do. But this is still a pretty serious vulnerability.
It would be pretty easy for someone who knows you to obtain your phone and call themselves from it to take advantage of this trick if you’re a little carless with your device around friends. And while they may only gain access to the Phone app, it’s possible to do other things from there.
By heading into the contacts list, they have access to all of the names, addresses, and numbers you have stored on your iPhone; they can also get into your messages, your camera roll, and apps like Facebook using any social network links you might have set up.
While it’s not the easiest lock screen hack to perform, then, it’s still a concerning one. But if Apple’s last update is anything to go by, it’s likely this vulnerability will be fixed fairly soon. In the meantime, you can eliminate any risk on your own device by disabling access to Siri from the lock screen.