iOS 6.1.3 security flaw allows passcode lock bypass… again [VIDEO]

Passcode bypassiOS 6.1.3 has only just been released by Apple, and already a security hole has been followed – allowing anyone to bypass the passcode lock on iPhones, and access private data on the device.

Embarrassingly for the Cupertino company, one of the main reasons for installing iOS 6.1.3 was that it promised to fix other security flaws that allowed the lock screen to be bypassed.

The flaw was found by “videosdebarraquito”, who seems to be making a hobby of embarrassing Apple by uncovering lock bypass flaws. In a video he demonstrates that it’s not particularly complicated to avoid the iOS 6.1.3 passcode lock if you have physical access to the device and a widget for removing the SIM card.

Here is videosdebarraquito’s video, where he demonstrates how the passcode can be bypassed:

Sign up to our free newsletter.
Security news, advice, and tips.

It appears that circumventing the passcode lock can allow an unauthorised party access to the device’s photo gallery and use the phone.

The good news is that this security flaw can be easily prevented. The passcode bypass relies upon use of the “Voice Dial” feature of iPhones, which is disabled on devices using Apple’s Siri voice recognition feature.

If you *aren’t* using Siri, then the recommendation is to disable “Voice Dial”. If you do that, your device shouldn’t be prone to this passcode bypass.

Disable the Voice Dial option

You can disable “Voice Dial” on your iPhone by going to Settings / General / Passcode Lock. (Note that if you have Siri enabled you won’t see an option for “Voice Dial” there, as it has been automatically disabled).

Easy as it is to avoid this flaw putting your iDevice at risk, it’s still embarrassing for Apple as it comes so soon after other passcode lock bypasses were publicised.

Let’s hope that Apple fixes this flaw soon, and shuts a permanent door on passcode lock bypasses.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.