Even with the latest iOS 9.0.1 update, your iPhone’s lockscreen is unsafe

Graham Cluley
Graham Cluley
@[email protected]

iOS 9.0.1, the first update for the recently-launched iOS 9, came out this week – fixing several bugs.

iOS 9.0.1

Unfortunately it appears that there wasn’t time to fix a vulnerability Jose Rodriguez informed me about before the weekend, allowing unauthorised users to bypass your iPhone or iPad’s lockscreen.

Before you know it, anyone with physical access to your ‘locked’ device could be accessing your personal photographs and contacts.

Sign up to our free newsletter.
Security news, advice, and tips.

Rodriguez informed Apple of the security hole just before iOS 9.0 was released, and made a step-by-step video demonstrating how the vulnerability can be exploited:

Beware! Passcode Bypass iOS 9 - iOS 9.0.1 Security Flaw ➡️Read Description: iOS 9.0.2 Addressed This

Until Apple rolls out a fix, you will need to prevent Siri from being accessed from the lock screen in order to protect your iPhone:

  • Go to the Settings app
  • Choose Touch ID & Passcode
  • You will be prompted for your passcode. Enter it.
  • Scroll down to the “Allow access when locked” section, and disable Siri.

It’s really quite extraordinary how vulnerable iOS devices have been to lockscreen flaws over the years. You would like to think that it is something that Cupertino’s developers would pay special attention to, considering the number of occasions that security has been bypassed.

Found this article interesting? Follow Graham Cluley on Twitter, Mastodon, or Threads to read more of the exclusive content we post.

Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

5 comments on “Even with the latest iOS 9.0.1 update, your iPhone’s lockscreen is unsafe”

  1. Kevin Holley

    Is it known whether this affects those with alphanumeric lockscreen codes instead of numeric codes?

  2. Oscar

    are you sure it isn't just unlocking because you push the home button and touch id recognized it and unlocked it.

  3. Rommel

    I also notice that screen rotation doesnot work in fhe main/home screen. Has this been disable with IOS9?

    Thank you

  4. Ashok

    Siri is accessing photos even when it is in lock mode please update this issue as quick as possible ios 9.0.1 needed to be update

  5. Dan Smith

    If someone has turned off the camera in Restrictions, either in IOS 8 or IOS 9, I assume that the photos will still be unavailable even if one gets in using this method?

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.