An iOS 7 Security Bug Lets Thieves Into Your iPhone 5S With A Fake Thumb (AAPL)

iphone 5s scanning fingerprintAnother day, another iOS 7 bug.

This time we learn via CNET that there’s a problem surrounding the fact that Airplane Mode is easy for hackers to exploit. A German security firm called SR Labs showing how it’s possible.

This exploit requires a thief to physically steal your phone. iOS 7 implemented a new feature called Control Center which lets you enable Airplane Mode without having to enter a passcode lock. This gets it off the grid and out of sight of Apple’s Find My iPhone feature. The phone can’t be tracked or remotely wiped, and the thief can take his time to crack your passcode lock.

If the thief is unsuccessful, the video demonstrates a process by which you can lift a fingerprint from the phone’s screen and use it to create a fake thumb that will accurately unlock the iPhone 5S’s fingerprint sensor.

The thief can actually reset the victim’s Apple ID password by requesting the reset and enabling the phone’s Wi-Fi just long enough to receive the reset email. In the video, they explain that they were successfully able to do this while remaining out of site from Apple’s remote wipe capabilities five times on the same phone.

Here’s the video for the complete walkthrough:

Join the conversation about this story »