For the last several years, enterprising hackers have been finding increasingly inventive and clever ways to bypass the lock screen on your iPhone. With millions of these devices being sold around the world, it's a popular target for digital shenanigans and also just for establishing your hacker bonafides. And as it turns out, iOS 12 (and the 12.1 beta) have just joined this time-honored tradition, security company Sophos reports.
This latest hack requires physical access to the targeted iPhone, multiple Apple devices, and dozens of different steps, so it's not the stuff of casual drivebys. But if you're dealing with sensitive data on your iPhone, and there's even a remote chance that you could be targeted by a hacker, you might want to make a few changes to your iPhone settings.
To block this hack, you'll need to disable the ability to use Siri while the screen is still locked. To do so, open the Settings app, tap "Face ID & Passcode" (or "Touch ID and Passcode" if your device doesn't have Face ID), then scroll down to the "Allow access when locked" section. If the slider next to the Siri entry is green, tap it to disable the function.
Why Siri? Well, it turns out that if you ask Siri to activate her Voiceover function, send a text to that iPhone, then time a tap the screen correctly, you can get access to a hidden set of actions including opening your contacts list and viewing your photos.
The original demonstration video performed on an iPhone 8 is available in Spanish, and another YouTuber named EverythingApplePro shows (in English) how the hack can work on an iPhone XS running iOS 12.
FOLLOW Download.com on Twitter for all the latest app news.
Despite the annual ritual of dealing with a new lock screen bypass in iOS, iPhones and iPads remain relatively secure thanks to Apple's steady supply of software updates and careful control of the app store; for some older iPhones, the company has been maintaining this standard for five years running.
Meanwhile, the longest official support that you'll get on the Android side is currently three years, and that third year does not include an upgrade to a new version of Android -- just security patches.
Because of Apple's determined pursuit to keep its devices up-to-date, simply making sure that these updates come to your phone automatically can help keep it safe from prying eyes. To check your update setting, open the Settings app, scroll down to and tap on General, tap Software Update near the top, and tap on Automatic Updates.
If the slider is green, you are set to receive patches and updates to new versions of iOS as soon as they are available. Note the fine print, though: "Your iPhone must be charging and connected to Wi-Fi to complete the update."
Apple will presumably be producing a patch soon to fix this lock screen bug.
- The security company Sophos reports that there is a way to bypass the lock screen on iOS; this hack appears to work against multiple generations of the iPhone up to and including the iPhone XS, and multiple versions of iOS, up to and including the 12.1 beta.
- However, you can block the hack by making a change to your Siri settings.
- We expect Apple to produce a bug fix soon, after which you can restore your original Siri setting for the lock screen.
- Apple double downs on privacy by requiring all third-party apps to publish data policies
- How Apple is going to block digital fingerprinting
- Apple adds 'Device Trust Score' to iOS 12 in effort to prevent fraud in iTunes and App Store
- Apple introduces the 70-plus emoji coming to iOS 12.1 (CNET)
- Apple's latest iPhone XS ad is a big, old mess (ZDNet)
- How to trade in your Apple Watch and get the best deal (TechRepublic)