pixel
Connect with us

iOS

A new iOS 12.1 exploit means phone thieves can access all of your contacts with a couple taps

At least it requires the person to actually have possession of the phone.

apple iphone 12.1 contact exploit
Image: Unsplash

Just a heads up, if you buy something through our links, we may get a small share of the sale. It’s one of the ways we keep the lights on here. Click here for more.

Man, people just love breaking new stuff. Such is the case with iOS 12.1, as it has now been discovered that you can get into a person’s contacts on iOS 12.1 without any passwords, fingerprints, or severed heads to activate Face ID.

The vulnerability, discovered mere hours after Apple released iOS 12.1, involves using one of the new features associated with the update, group FaceTime calls. With it, you can gain access to the complete contacts list in someone’s phone.

How it works

Basically, you’re using Siri to let you into a FaceTime call while the phone is locked, then with airplane mode on, you start adding contacts to the call. With group FaceTime calls, you can either type a contact name in or you have the option to hit a little plus sign to search contacts.

Hitting the plus sign means you have full access to the person’s contact list.

If there is a silver lining here, it’s that this method and a previous one discovered in iOS 12.0.1, require the would-be hacker to have the phone in-hand. Even so, it is definitely troubling that access can be had so easily.

More about iOS 12.1

Released this week, iOS 12.1 introduces Group FaceTime calls, a bunch of new emoji, dual SIM control, and real-time depth control using the TrueDepth camera. To download the new, head to the Settings app under General > Software Update.

It seems like most new software releases feature some sort of bug, and while it’s easy to criticize a company for letting something through, it’s also good to remember that it is almost impossible to test everything in a controlled environment, it’s when it releases to the general public that the true stress-test begins.

What do you think of the exploit? Should Apple have done a better job with the update before releasing it? Let us know in the comments.

Editors’ Recommendations:

Follow us on Flipboard, Google News, or Apple News

Former KnowTechie editor.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

More in iOS