Skip to main content

iOS 7 access to airplane mode from lock screen can prevent owner wiping stolen iPhone

The ability to access iOS 7's control centre from the lock screen of an iPhone has led to a new security flaw being identified.

The shortcut means anyone who has the iPhone can switch on airplane mode, so starving the device of access to the mobile network, Internet and Apple cloud.

German security firm SR Labs has revealed that, if a phone thief switches on the setting fast enough, the owner will be prevented from being able to locate and wipe the device via Apple's Find My iPhone service, as it will be cut off from cloud services.

This could then give the thief enough time to either crack the iPhone's passcode or, in the case of the iPhone 5S, lift the owner's print from the device to create a spoof print and gain access to the phone and all its data.

Furthermore, SR Labs explained that once the cloud username was obtained from the device, the thief could exploit the password recovery option that allows users to retrieve passwords via a second email. As long as that email was linked to the iPhone, this would give the thief access to the owner's cloud account, through which the device could then be taken over.

Switching off airplane mode until the account retrieve email was received - before switching it back on - was not enough time for the device to be wiped. The team said it tested this numerous times. The video above explains the process in full.

SR Labs also perfected and advanced Chaos Computer Club's technique of hacking Touch ID through a photo of a latent fingerprint, although the equipment they used to create the copy is worth over $1000, one commentator noticed.

Marc Rogers, principal security consultant at Lookout, after recreating SR Labs method, told ZDNet he thought it was "a little bit in the realm of a John le Carré novel".

Last month Jose Rodriguez, a soldier living the Canary Islands, found a flaw with iOS 7's control centre which allowed him to gain access to an iPhone without unlocking the device or entering a passcode, if the right combination of buttons were pushed.

The lock screen bypass bug has since been patched in version in 7.0.2. Apple has not commented on SR Labs' findings.