A security researcher has found yet another lock screen exploit on the iPhone, this time with FaceTime on iOS 13. The exploit allows anyone to view your contact information without unlocking the phone.
Jose Rodriguez, who posted a video on YouTube showing the lock screen bypass procedure, says he found the exploit and sent it to Apple on July 17, and though the issue remains in iOS 13. The exploit appears to have been fixed in beta copies of iOS 13.1, set to release on September 30th — 11 days after iOS 13’s official launch. The bug seemingly works on any iPhone model running iOS 13.
Unlike a previous FaceTime bug, which allowed callers to see and hear the person they’re FaceTiming without them answering, this particular exploit requires you to have the phone in your hands. Essentially, when a FaceTime call comes in, tapping “Message” to decline the call with a custom reply allows users to enter into a text message which, with a couple quick voiceover tricks courtesy of Siri, can then display any contact’s full information.
It’s a very easy bug to take advantage of that requires little technological know-how, especially since Rodriguez posted a step-by-step video to YouTube.
This is the latest lockscreen exploit to join a handful of others iOS has experienced over the years.
Last month, Google revealed that iOS devices have been vulnerable to malware and data theft for years through another exploit in the Safari browser, an issue Apple was made aware of and has since released a somewhat contradictory statement on the matter.
This latest bug isn’t an exploit quite to the level that would garner Apple’s recently announced $1 million bug bounty, but sensitive information is certainly at stake, particularly for people who are often in common spaces. Bugs like these are hard for users to avoid, but there are some tips and precautions you can take to help ensure a more secure device. And as always, updating your device is top among these.
There’s a lot to unpack and to tweak in iOS 13, including aesthetic features like Dark mode and an updated volume graphic, as well as security-focused features like Sign in with Apple, and more detailed options for location tracking in various apps.