Another iPhone passcode bypass is making the rounds this week that reportedly allows users to trick Siri into skirting around the device’s usual lockscreen to view, edit and call any of the phone’s contacts. The flaw apparently affects the most recent iOS build, 7.1.1, and allows the bypass of both the iPhone 5’s security lockscreen and its TouchID sensor via voice command.
Some may argue this is really more of a partial bypass or a trick than a full bypass, as an attacker would have to have physical access to a phone running 7.1.1. Perhaps most importantly, the user would also have to have Siri enabled on his or her lockscreen to be vulnerable. Even then, the attacker would only have access to the user’s contacts. It’s unclear if Apple has a patch in the works for this particular issue, but it does appear the company is working on a fix for another problem with the mobile operating system.
Andreas Kurtz, a security researcher and co-founder of Germany’s NESO Security Labs, discovered late last month that email attachments could be read without encryption or restriction if an attacker accessed the device’s file system, MobileMail.app, in recent builds of iOS.
Kurtz was able to restore an iPhone 4 to both 7.1 and 7.1.1 and set up an IMAP email account to carry out his research. Then Kurtz shut down the device, accessed the file system and mounted the iOS data partition. He was then able to find all of the email’s attachments accessible without encryption or restriction.
When 7.1.1 was released about two weeks ago, it fixed a serious SSL issue in OS X and iOS that could have allowed an attacker to intercept data via a man-in-the-middle attack on SSL connections.