It's not even two days since iOS 7 public release and people have figured out security flaws already. Incidentally, someone also put up a $13,000 bounty for anyone who can bypass the TouchID security enclave and decode fingerprint data.
First off, there is no need to panic. At least, not yet. Two security issues have been uncovered and according to news reports, Apple is aware of the loop holes and is working to fix them.
What are the iOS 7 security flaws? Here we go:
#1. Find My iPhone Can be Severed By a Thief Through Siri
When your iPhone is stolen, one of the best things that can help you protect the data (and possibly recover the iPhone by tracking it) is Find My iPhone.
However, this can be bypassed when the thief switches off your iPhone's network (Wifi or 3G/LTE). While Activation Lock ensures that the iPhone cannot be re-activated without using the pin to authenticate it, it is possible that with this security loop hole, a thief can turn on Airplane mode and then work on breaking the pin without worrying about being tracked.
To do this, all one has to do is swipe from the bottom of the lockscreen. Up pops the Control Center and there you go: the Airplane mode. Turning it off doesn't require passcode entry.
#2. Apps Can Be Accessed Without Entering The PIN
This happens through the Control Center too. However, the loop hole requires a complex set of procedures that aren't not too tough to replicate. You can try that too.
We won't be detailing the procedure here. There is no point in doing that with almost all of the responsible and popular tech blogs writing about it in excruciating detail.
Suffice it to say that the security flaw in iOS 7 simply lets someone without passcode to access your apps, photos, camera etc. without entering the passcode.
How to Fix iOS 7 Security Flaws
The simplest solution is to disable Control Center from lockscreen. To do this:
- Go to Settings
- Tap on Control Center
- Turn off the switch for Access on Lock Screen
So till Apple fixes the flaw, you've got a solution.