iOS 9.0.1, the first update for the recently-launched iOS 9, came out this week - fixing several bugs.
Unfortunately it appears that there wasn’t time to fix a vulnerability Jose Rodriguez informed me about before the weekend, allowing unauthorised users to bypass your iPhone or iPad’s lockscreen.
Before you know it, anyone with physical access to your ‘locked’ device could be accessing your personal photographs and contacts.
Rodriguez informed Apple of the security hole just before iOS 9.0 was released, and made a step-by-step video demonstrating how the vulnerability can be exploited:
Until Apple rolls out a fix, you will need to prevent Siri from being accessed from the lock screen in order to protect your iPhone:
- Go to the Settings app
- Choose Touch ID & Passcode
- You will be prompted for your passcode. Enter it.
- Scroll down to the “Allow access when locked” section, and disable Siri.
It’s really quite extraordinary how vulnerable iOS devices have been to lockscreen flaws over the years. You would like to think that it is something that Cupertino’s developers would pay special attention to, considering the number of occasions that security has been bypassed.