Another iPhone lock screen bypass bug has been discovered and this one affects the latest version of iOS: 6.1.3. This version was just released and contained a fix for vulnerabilities that allowed users to skip over the lock pin to access some content.
This latest version is actually fairly easy to reproduce, but it requires more than just software tricks and taps. You have to actually eject the SIM tray mid dial in order to glitch it fully. The bug, discovered by YouTube poster ‘videosdebarraquito‘, has been independently verified by internal testing here at TNW. You’ll notice that the device in the video below is apparently an iPhone 4:
We actually could only duplicate the behavior on one device that has Siri capability, an iPhone 4S, but not the iPhone 5 (yet). This means that the bug appears to be an iPhone 4 or 4S-only affair, but that could just be a lack of ability to time it correctly. We’re still investigating the iPhone 5.
With the data that we have at the moment, it appears that this bypass bug is linked to the pre-Siri Voice Dial system, so you can prevent the issue entirely by disabling voice dialing in the Settings>General>Passcode screen. Note that we have not been able to test every permutation of the iPhone with this bug, so there may be some cases in which it does work on Siri-enabled devices (a Verizon iPhone 4S, for insistance, has not been tested).
The bug appears to only give access to photos and contacts and, like all of these bugs, requires physical access to the device. The contacts access is simple, as the bypass drops you out to the phone interface, and photos can be accessed through the ‘assign new picture’ dialog inside the contact creation process.