New iOS 9 Flaw Means People Can Bypass Your Passcode To Access Your Photos and Contacts

We remember the days when the rollout of any new Apple product was a moment to savour: impatiently waiting to try all of the cool new features that would make your life even more effortless than it is already, in these spoiled times we live in.

But these days, it's much more likely to end in anguish as things go wrong, your old software doesn't work any more, and your battery dies in minutes. And it's no different for Apple's iOS 9 rollout which has caused iDevices to lock up, glitches & freezing - and now there's a new security bug (following hot on the footsteps of the malware that infected Apple's App Store).

Jose Rodriguez - who also discovered an obscure iOS 6.1.3 lock screen bypass two years - has worked his magic again to find another bug related to Siri lock screen access and iOS 9's five-attempt lockout policy. As demonstrated on the video below, using Siri from a lock screen, under a particular set of circumstances, gains someone (who is not you) access to large swathes of the system, including your contacts and photos. You are vulnerable if you have a simple four or six digit passcode.

So far there's been no solution from Apple, so concerned users can disable Siri lock screen access. Simply head to Settings > Touch ID & Passcode, enter your current passcode and deactivate Siri under the "Allow access when locked" heading.

Now, what else have they got wrong?...

[via appleinsider.com]