Apple has already been embarrassed in the last few days with one unpatched bug in iOS 7.0, which allows unauthorised users to bypass the lock screen and gain direct access to your private photos and some apps.
But now another unpleasant bug has been found, which lets anyone make a phone call from your locked iPhone running iOS 7.0.
As Forbes reports, it is possible to fairly easily exploit a vulnerability in iOS 7.0’s emergency call function to call *any* phone number.
27-year-old Karam Daoud, a Palestinian living in the West Bank city of Ramallah, demonstrates the flaw in action in the following video:
I tried Daoud’s technique for myself on an iPhone 5 – and sure enough, it works.
Here’s how you do it for yourself.
- First get your hands on a locked iPhone running iOS 7.0
- Rather than try to enter a PIN code, press the “Emergency” button as if you were going to call the Police.
- Enter any number which you wish to call, and rapidly tap the call button. After a second or two, the screen will go black and an Apple logo appears. Your phone will dial the number.
If that all sounds a little complicated, it isn’t. But here’s a highly scientific diagram I have put together for the benefit of Apple’s developers with the help of some crayons.
In short, you may think your phone is locked – but anyone can make a call from it if they wish. And the call can be to premium rate and international numbers, of course. All being made at your expense.
It’s easy to imagine how pranksters might exploit such a feature, so make sure to keep your iPhone running iOS 7.0 safe and close until Apple fixes this bug.
Maybe they should have spent a little more time ensuring that security holes and bugs like this didn’t exist, rather than messing about adding bells and whistles…