Threat: Multiple Passcode Bypass Vulnerabilities Discovered in iOS 9
Solution: Disable the Siri module and Events Calendar without passcode, along with the public Control Panel with the timer and world clock. Users should also activate the weather app to prevent the redirect.
This is a pretty big vulnerability that requires very little technical knowledge to exploit. The last vulnerability of this type I remember only allowed access to pictures and contacts.
I also wonder if the FBI could could explot this to unlock the iPhone they want from Syed Farook and the few hundred ones they have from other suspects for lesser crimes.
In addition as I look at the steps needed to completely disable this exploit, I hope Apple pushes out a security update soon. I can’t imagine many users actually taking the steps to disable everything necessary to protect against this.
Who is Paul Darr?
Paul Darr has lived in California, Oregon, Colorado, and currently lives in San Antonio, Texas. Paul is also an Army Veteran, who has deployed to Iraq and Afghanistan. On the political spectrum Paul is a Libertarian that advocates fiscal responsibility and social tolerance. Paul is currently employed as a Systems Administrator and is a father of a handsome boy and beautiful daughter. In his free time Paul enjoys reading, using and modifying open source software, gaming, and several other geeky pursuits.