iOS 7 beta bug allows anyone to access the photos on your iPhone [VIDEO]

Graham Cluley

A beta version of the upcoming iOS 7 iPhone/iPad operating system has only been in the hands of developers for a few days, but already testers are finding security vulnerabilities.

In the following video, highlighted by Forbes, iPhone owner Jose Rodriguez demonstrates how he was able to bypass the passcode on iOS 7’s lock screen to access hundreds of private photos within seconds.

How is it done? Simply open iOS 7’s new Control Room function (by swiping from the bottom of the screen) and make use of the quick-access icon for the iPhone’s calculator app *before* opening the device’s camera.

Rather than being able to only access photos that you have taken while the phone has been locked, you can merrily leaf your way through any of the device’s past photos and (if you wish) delete them, forward them to someone else, or even upload them to Twitter.

All without knowing the iPhone’s passcode.

Oops, right?

iOS 7But before you sell your Apple shares, bear these factors in mind.

Firstly, and most importantly, this is a *beta* version of iOS 7 – released to developers and interested parties specifically for them to dig out bugs and report them back to the Apple mothership before the real version is released to millions of users.

The good news is that now that the vulnerability has been identified, Apple will surely fix it before the official release. Hey, we’re all hoping that they fix some of those ghastly new icons at the same time, right?

Secondly, it’s only photographs that are being accessed. Yes, that’s bad – but it’s not as bad as having full access to all of your iPhone’s data and apps.

So, there’s no need to run to the hills just yet. Bugs will continue to be found, and there will inevitably be security holes in the eventual shipping version of iOS 7 too. That’s why it’s always important to keep your operating system updated, and remain clued-up about the latest threats – *whatever* operating system you choose.

Let’s just hope that no-one finds a way to skip around the security feature that is designed to stop thieves from reselling your stolen iPhone.

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.
Never miss a thing. Sign up for the free GCHQ newsletter from Graham Cluley.
GET EMAIL UPDATES