A Canadian tech blogger has found a bug in iOS 5 that allows photos to be viewed even when the iPhone is locked. The problem arises if the date or time is changed backwards.
Ade Barkah, a Canadian tech blogger, has discovered a bug after updating his iPhone to iOS 5.
One of the most popular features of iOS 5 is the ability to launch the Camera app from the lock screen. Even if your device is passcode-protected, you can double-click the home button, and a camera button pops up next to the slider.
Once in Camera app, if you try to view pictures that were taken previously, you should ideally see this screen.
This safety measure prevents others from taking your phone and viewing images while the device is still locked. However, as Barkah points out, this filtration is done by checking the timestamp of the picture against the current date and time, which isn't secure because the current date and time can be changed.
"Just set your iPhone’s clock to a time in the past (say, in 2010). Then access the Camera while your phone is still locked. Lo-and-behold, you’ll be able to see all your “protected” images.
The point to all this is that Apple should not rely on a simple timestamp to restrict image access. Changing the iPhone’s clock — forwards or backwards —should not affect its security. We can’t guarantee the clock will always monotonically more forward, and when it doesn’t, the system should fail-secure."
Frankly, it's a little surprising that no one discovered this over the end Daylight Savings Time this past November. It may seem that the scope of this bug is fairly limited, but Barkah lists why this could still be a major problem.
"But time always moves forward, right? Why would your phone’s clock ever roll backwards?
- It could be due to user error. E.g., maybe while traveling across timezones you accidentally set the iPhone’s date or time incorrectly (rather than simply resetting the timezone). If you set the clock ahead of what it’s supposed to be, then this vulnerability will appear when you reset to the correct time. If you accidentally set the clock to the past, then your images will immediately become unprotected.
- It could be an iPhone glitch. E.g., a software or hardware issue could reset your iPhone’s clock to epoch time — iPhone’s “zero” time at midnight January 1, 2001. In this case all your images are exposed.
- It could be an infrastructure error. E.g., if you automatically sync from a erroneous external time source (cell phone company, etc.)
I don’t think normal (non-Apple) apps can change the iPhone’s clock, but if it can then that could be another possible source of rollback."
Infrastructure error is especially important because this would take effect while the iOS device is set to automatically update the time, which does not require any user-based interaction at all. And, if an app - or malicious code - gains the ability to change the date and time, this could happen without the user noticing as well.
Since the security is based on timestamp checks, it should be a fairly easy problem to fix in a future update. In the meanwhile, though it doesn't seem like a major bug and the chances of it happening seems quite rare, be sure to keep your date and time properly set to avoid this issue.
[via Peekay.org (Ade Barkah's Blog), CNET]
Um. How do you change the time if it’s locked?? Dur
Yeah, I read the senarios. Just a little far fetched…
They need to fix all the time errors while they’re at it.
Really, that’s kind of pointless. They make a big deal over bullsh*t if you ask me. How is someone gonna change the time? If someone is changing the time with the phone locked. Oh let me use your phone to make a call and I will secretly change your time so then tomorrow I can look at your stupid photos. Not.
big deal ….!!
I knew about this since day 1 when iOS 5.0 was released so it is not new.
If you are still running iOS 5.0, then the “Your iPhone is locked” screen doesn’t even appear. So you are always able to view the photos. I did find that error a Month ago, but didn’t really care because apple fixed it 5.0.1…
This guy is just trying to get se attention from people just to make it look like he’s soo much by pointing this out, yes it’s true and i for one even new it from day one when i updated to iOS5, iOS 5.0.1 has fix it, is this guy even a developer at all??.
You are wrong. ios 5.0.1 didn’t fix it
A bigger problem is if you hit the home button it takes you to the home screen whilst your viewing the pictures you’ve taken
Now that is something bad! Even if you do not reset the time and just go to the “phone is locked screen, hitting the home button takes you right to the home screen! Bypassing the whole locked mechanism.
Whoops, did not have a passcode set on that one.
It asks me for a passcode when I try that on 5.0.1.
@karl. 100% correct!! I did this once and couldn’t replicate it. Such a mediocre effort to provide us with security. Epic fail Apple!!
Noooooob it took this long to figure this out. I know how to get to the home screen from there but am I going to release this info no be smart do not raise the amount of successful iPhone thrift just think if you do not know how to unlock it you are less tempted to steel it
Nooooooob a lock screen is not a theft deterrent. If someone is going to steal an iPhone, they’re just gonna steal it like thieves do everyday. It’s what’s on the phone once they get it and that they’ll have plenty of time to decide if they can get inside or not. Apparently it’s not that difficult is it..
when you travel far away and get online, your phone ‘ll set the time automatically.