A hacker has found a way to reach through iOS' lock screen to grab photos and contact information. Anyone can do it too, and it will only take about 30 seconds.
Earlier this week, Zerodium, which maintains a zero-day acquisition platform, offered a $1 million bounty for a browser-based jailbreak that can be remotely executed.
One hacker's discovery didn't qualify for the bounty, but it did reveal a vine-covered backdoor into the world's most secure mobile operating system.
The exploit entails using Apple's own Siri to carry out a hacker's wishes because the digital assistant has the ability to pass between the walls of lock screens to serve up information from the other side.
Here's how to hike up through the backdoor, which should be sealed shut by Apple pretty soon:
Fail to enter the correct passcode four times then enter any sequence of digits, leaving the last place holder empty. If there are five place holders, for example, enter enough digits to fill four of them.
Invoke Siri by pressing and holding the "Home" button then enter the final digit. Ask Siri for the time when she appears.
Tap on the "Clock" icon, add a new clock then enter some text into the field labeled "Choose a City."
Double-tap on the text entered into the "Choose a City" field. Choose the "Select All" option from the context menu that appears then tap "Share."
Tap the "Share" menu's "Message" icon, enter some random text into the "To" section of the "New Message" template. Tap "Return" then tap the blue link that appears in the top left corner of the app.
Tap the "Create New Contact" option. Tap "Add Photo" then "Choose Photo."
Ensure that you have been honest and have not carried out the above steps on someone else's iPhone because what lies before you are the mobile device's photo library. Seriously, all local and iCloud photos will be right there.
Barring the backdoor is as simple as shutting down Siri's lock screen access. Tap "Settings" then Touch ID and Passcode. There you'll find the option to keep Siri behind the lock screen.
For more, check out the video below: