A bug in iOS 6.1 allows a hacker with physical access to an iPhone 5 to bypass the LockScreen defense to gain access to the phone app and place calls, listen to voice mails and view photos in the contacts section.
[video=youtube]
http://www.youtube.com/watch?v=MDkLpj3MM-c[/video][/CENTER]
A video demonstrating the bug was posted on YouTube at the end of last month, but has only now reached media attention – garnering nearly 250,000 views in the meantime. The video, posted by user videosdebarraquito, shows how a sequence of making and canceling an emergency call, starting a power off but retrying the emergency button can bypass the phone’s passcode protection. If successful, it leaves the hacker in the iPhone’s phone app, but without any access to other apps – any attempt to use other apps simply reboots to the passcode.
Little real harm can come from this bug. Successful exploitation can allow phone calls to be made, and voice mails accessed. Photos in the contacts section can be accessed – but nothing more. It could lead to additional call costs and some embarrassment from voice mails, but doesn’t provide access to more potentially damaging apps – such as Facebook. It is “For prank[ing] your friends, for a magic show. Use it as you want, at your own risk, but...please...do not use this trick to do evil,” says its author.
Read more:
http://www.infosecurity-magazine.com/view/30766/bug-in-iphone-5s-ios-61-bypasses-lockscreen/
