Exploit on iOS 7 allows others to make calls with your locked down Apple iPhone

A security gap in iOS 7 allows people to make calls using your iPhone, even if they don't know the PIN number to your lockscreen. All it takes is for someone to get to the emergency dialer, punch up a phone number, and press away at the call button. Yes, the phone will freeze and reboot, but the number will be dialed anyway. This includes international calls and premium numbers.

And if this isn't bad enough, there is an exploit that allows a stranger to view all of the photos in your gallery and even post them to social media by using the lockscreen's control center to gain access to the gallery. Using the phone application's share function, a total stranger can have control over your email, Twitter, Facebook page and Flickr accounts.

While Apple does have iOS 7.0.1 ready to go, that update handles a flaw with the Touch ID fingerprint sensor. And that means you will have to wait for at least iOS 7.0.2 to get this problem taken care of. Disabling the Control Center can help prevent your pictures from being spied on, but you cannot remove the emergency dialer.

Probably the safest way to guarantee that no one breaks into your Apple iPhone  would be to restrict access to it. Make sure you know where your handset is at all times and don't allow strangers to borrow it to make a call. Hopefully, iOS 7.0.2 will shut these exploits for good.



source:  KaramDaoud, Forbes via Gizmodo

UPDATE: Apple says it is working on a fix for both lockscreen hacks. In a statement, the Cupertino based tech titan said, "Apple takes user security very seriously. We are aware of this issue, and will deliver a fix in a future software update."-Trudy Muller, Apple spokeswoman



source: AllThingsD