Eight days before the final Assembly 13 iOS security researcher Jose Rodriguez (Jose Rodriguez) have found in her a vulnerability that allows to bypass the security code, and view contacts on a locked device.
According to the published Rodriguez video, in order to access the list of contacts on a locked device running iOS 13, enough to do some simple actions:
To answer an incoming call using a specially constructed message;
Enable the VoiceOver feature;
To add a new contact to a specially crafted message;
Click on contact photo and in the menu select “Add to existing contact”;
After the appearance of the contact list to click on another contact and view its details.
In the description of the video, Rodriguez said that he had notified Apple about the vulnerability on July 17 of this year when I tested the beta version of iOS 13. As of September 11, when a researcher publicly disclosed details about the problem, it remained uncorrected. Perhaps the vulnerability will be fixed in the final build of iOS 13, is scheduled for release on September 19.
Read more •••
YouTube wins a low-budget version of the film about Harry Potter