Several stories have recently emerged regarding security breaches found in the iOS 7 update, which was released on September 18th to iPhone users. The two most talked about security holes allow hackers to make phone calls, send messages, and view apps, such as Facebook and Twitter, despite the phone’s widely used passcode lock feature.
One of the most talked about (but easily fixed) security holes allows users to bypass the passcode on any iOS 7 device and gain access to the Photos app and subsequently to the user’s email and social networking accounts. The hack works through manipulating security holes in the iOS 7′s Control Center and sharing menu features. The good news is that this security hole can be easily prevented by any iOS 7 user. It is advised that users go to the settings app, tap on the Control Center, and turn off the “Access to Lock Screen” option. Apple has recognized the vulnerability and plans to fix it in a future update.
Two more holes, which allow hackers to make phone calls and send messages on a locked phone, have recently been discovered, according to an article posted by Naked Security. The first involves using Siri, Apple’s voice control system, while a phone is locked. Hackers have discovered that it is possible to send email and post to a user’s social networks just by asking Siri to do it for them. The way for iPhone users to prevent this from happening is by going to settings, general, then passcode lock and turning off “Allow access when locked” for Siri. For even tighter security, users can turn-off Siri altogether. The second hole allows hackers to make phone calls to any number they want using the emergency call feature. Unfortunately, this is a feature that can’t currently be turned-off.
Obviously, there are still several issues with the iOS 7 update that need to be worked out. Until then, here is a review of how to protect your newly updated phone from a hack:
1. Turn off the “Access to Lock Screen” option in the Control Center settings.
2. Do not allow access to Siri when your phone is locked (Passcode lock settings under “General”), or turn off Siri completely.
3. Be careful of who you let use or see your new phone.
4. If your phone gets lost or stolen, use a mobile control application or contact your service provider to have it locked out of the network.
5. Consider waiting to update your phone until the security holes and other issues are resolved.
For more information on the recent security issues, visit http://nakedsecurity.sophos.com/2013/09/25/siri-offers-the-latest-backdoor-into-your-iphone-just-ask-nicely/?utm_source=feedly.