[raino]

So, another way might have been "no."

Actually, the answer would have been "yes." This flaw still works when Touch ID is disabled.

Yep, after all these lockscreen vulnerabilities I've yet to see a single story where anything actually happened to anyone. But hey, it's gotta be a big deal 'cos rainman thinks so...

Well, the ZDNet folks were able to do it, and people here say they've reproduced it. But I'll leave you to decide what is a big deal and what isn't. It's not like security is a big deal with Apple anyways.

[Thud Hardsmack]

Actually, the answer would have been "yes." This flaw still works when Touch ID is disabled.



Well, the ZDNet folks were able to do it, and people here say they've reproduced it. But I'll leave you to decide what is a big deal and what isn't. It's not like security is a big deal with Apple anyways.

You literally need to be holding the phone waiting for a call to come in, because if a message comes in before you pull it off you'd have to wait for another phone call.

Posted via CB10

[xandermac]

You literally need to be holding the phone waiting for a call to come in, because if a message comes in before you pull it off you'd have to wait for another phone call.

Posted via CB10

Which is why, in the real world, much to rain mans dismay, this will never actually affect anyone, just like the lock screen vulnerabilities before it.


Twitter: xandermac

[raino]

Which is why, in the real world, much to rain mans dismay, this will never actually affect anyone, just like the lock screen vulnerabilities before it.

Your mind reader seems to be off. Was it programmed by the iMessage team? You may want to explore your legal options.

[xandermac]

As much as you want this to be an issue, it just isn't. It's a vulnerability, that in reality no one will fall victim to in any meaningful way, it'll get patched and when the next non-issue pops up you can scurry back here to post all about it.

When something meaningful happens post away and I might actually take you seriously.

Your mind reader seems to be off. Was it programmed by the iMessage team? You may want to explore your legal options.

[annon91221]

You literally need to be holding the phone waiting for a call to come in, because if a message comes in before you pull it off you'd have to wait for another phone call.

Posted via CB10

Seriously man?... why won't you just use your ever so cool BB10 phone to call that iPhone a 100 times, and get access a 100 times.. meh...

Posted via CB10

[xandermac]

Because you'd know what number to call right? If you did wouldn't that mean you're hacking a "friends" phone? Nice friend...

I swear to God the level of thought (or lack thereof) that goes into trying to make Apple look bad is astounding.

Seriously man?... why won't you just use your ever so cool BB10 phone to call that iPhone a 100 times, and get access a 100 times.. meh...

Posted via CB10

[raino]

Because you'd know what number to call right? If you did wouldn't that mean you're hacking a "friends" phone? Nice friend...

I swear to God the level of thought (or lack thereof) that goes into trying to make Apple look bad is astounding.

So only "friends" want to get into someone else's phone? Not jealous partners, parents, etc?

I swear to God, the blind eye some people turn to Apple's shortcomings is astounding.

[Thud Hardsmack]

Seriously man?... why won't you just use your ever so cool BB10 phone to call that iPhone a 100 times, and get access a 100 times.. meh...

Posted via CB10

I'll repeat it: you only get one shot. Single. Uno. One more than zero, less than two. And if the last app was your daughter's Winx Club game, you get bupkis.

[Thud Hardsmack]

Something needs clarified here. Should Apple be looking into making these issues never be an issue to start with? Yes, and I hope that they would. But is this particular breach a catastrophic failure? No. There's a small chance someone might get lucky and do some damage before this breach is patched, but it's small. Very small.

[CBCListener]

And I'm sure that something like that was uttered by someone at Target, too.

Posted via CB10

[Thud Hardsmack]

And I'm sure that something like that was uttered by someone at Target, too.

Posted via CB10

Slightly different.

Posted via CB10

[xandermac]

So only "friends" want to get into someone else's phone? Not jealous partners, parents, etc?

I swear to God, the blind eye some people turn to Apple's shortcomings is astounding.

1 single reported real world example, please?

I'm guessing by posting this you want people to take it seriously.


Twitter: xandermac

[raino]

1 single reported real world example, please?

I'm guessing by posting this you want people to take it seriously.

So these things are not to be taken seriously unless they are exploited, and those here who've confirmed this issue actually exists don't count? Got it. And you want a "real world example" of an exploit that was made public five days ago?

Seriously though, it may be hard to attribute successful bypasses to one security flaw, when many exist. And who knows how many more are there? Apple doesn't exactly publicize security issues (for good reasons,) and may even sit on them knowing they fully exist.

Besides, since when did you start taking real world happenings at face value? Did Apple ever corroborate your "must have been an old or faulty third party charger" hypothesis for that iPad which exploded in an Aussie carrier store?

[xandermac]

I'll settle for 1 real world example of anyone falling victim to ANY iPhone lockscreen vulnerability that has been discovered at any time in the past that wasn't a friend screwing them...

So these things are not to be taken seriously unless they are exploited, and those here who've confirmed this issue actually exists don't count? Got it. And you want a "real world example" of an exploit that was made public five days ago?

Seriously though, it may be hard to attribute successful bypasses to one security flaw, when many exist. And who knows how many more are there? Apple doesn't exactly publicize security issues (for good reasons,) and may even sit on them knowing they fully exist.

Besides, since when did you start taking real world happenings at face value? Did Apple ever corroborate your "must have been an old or faulty third party charger" hypothesis for that iPad which exploded in an Aussie carrier store?

[raino]

I'll settle for 1 real world example of anyone falling victim to ANY iPhone lockscreen vulnerability that has been discovered at any time in the past that wasn't a friend screwing them...

So what's your point? The flaw doesn't exist or matter if it wasn't exploited as per your narrow requirements? Did goto fail not happen either because nobody (disclosed publicly) fell victim to it?

[xandermac]

It's meaningless... Keep trying though.

I'm sorry. I wish it was a bigger deal so that I could humor you, but it just isn't...

So what's your point? The flaw doesn't exist or matter if it wasn't exploited as per your narrow requirements? Did goto fail not happen either because nobody (disclosed publicly) fell victim to it?