Modernizing Authentication — What It Takes to Transform Secure Access
YouTube user VideosdeBarraquito, who posted a video last month showing how to bypass the lock screen in iOS 6.1, has now done the same for iOS 6.1.3, the newest version of Apple's mobile operating system.
The steps this time are less complicated than they were for the previous exploit -- if voice dialing is enabled, you just need to voice dial a phone number, then, as soon as the device responds, use a paper clip to pop the SIM card out. If you time it correctly, you can bypass the lock screen and access the dialpad, contacts and photos.
Still, as The H Security notes, the exploit can easily be blocked by enabling Siri instead of voice dialing, or by using an alphanumeric passcode instead of a four-digit PIN. "Users who have disabled Siri can easily mitigate the effects of this vulnerability: voice dialling can be disabled in the iOS settings for the Passcode Lock (under 'General') and will then no longer be accessible from the lock screen," The H Security advises.
"Sorry, iOS 6.1.3 has a new security flaw, but can be avoided easily," VideosdeBarraquito wrote in a brief post accompanying the video. "You should disable the 'Voice Dial' option if you want to be safe."