Apple iPad 2 falls foul of Smart Cover vuln

A security flaw with Apple's iPad 2 has been uncovered, allowing anyone with a Smart Cover to unlock the tablet without ever knowing the passcode.

The revelation comes hot on the heels of a flaw-cum-feature in the iPhone 4S, whereby Siri - the voice recognition technology formerly known as Siri Assistant - is active even when the smartphone is locked with a passcode.

That allows a ne'er-do-well to send emails, adjust calendar entries, change contacts, and make calls - all without unlocking the handset - but can be disabled by flicking a toggle in the phone's settings.

This most recent hole, however, is rather more serious: with nothing more than a Smart Cover - the magnet-laden case for the iPad 2 that sends the device to sleep whenever it's blocking the screen - it's possible to gain access to a chunk of the tablet's subsystems without ever knowing the passcode.

According to 9to5Mac - which spotted the flaw being discussed on a German Apple fan forum - it's possible to access to the last application used before the device was locked, but not to reach the main home screen.

If the last app you were using was Angry Birds, you're probably safe. Lock the device while having your Mail app open, however, and the attacker will have full access to read your existing emails and to send new ones.

The exploit is incredibly simple: grab a locked iPad 2, hold down the power button until the 'Turn Off' slider appears, stick the Smart Cover on, remove said Smart Cover, then hit the 'Cancel' button that's just appeared.

If you're an iPad 2 owner, it's recommended that you fix the problem temporarily by switching the device's monitoring of the Smart Cover off until Apple can release a patch. To do so, head to Settings, General, then disable 'Smart Cover Unlocking.'

9to5Mac's video demonstration of the flaw is reproduced below.