(Not so) Smart Cover

Powered by SC Magazine
 

Apps exposed.

New technologies are taking the workplace by storm, and none more so than Apple’s iPad, which is particularly popular with managers and executives.

As a result, an increasing amount of sensitive data is being carried around, and while the iPad’s security features help to keep your data secure, a recent bug discovered in iOS 5 allows anyone to bypass your passcode to lock and unlock the device.

Interestingly, the vulnerability itself comes in an unexpected form: the functionality required for Apple’s Smart Covers.

It’s worth noting that this is a limited bypass, and by that I mean that the attacker will only gain access to the last app that was open (or the home screen if that’s where you were). They won’t be able to switch apps, and if on the home screen, they’ll be able to see all your apps but won’t be able to start them.

If, like me, you spend a lot of time reading and sending emails, then chances are the mail application was the last one open when your iPad was locked. This would allow an attacker to read your emails, send emails from you, and view your contacts!

If you have a Smart Cover, you can try it for yourself. Wait until your iPad is locked and make
sure it prompts you for your passcode. Hold the power button to bring up the ‘power off’ slider.

When it appears, close the Smart Cover, then re-open it and touch ‘cancel’. If you’ve done everything right, it should drop you into your home screen or the last app you had open.

Apple has released a security update for this in iOS 5.0.1. You can also protect yourself by disabling Smart Covers in your iPad settings
(Settings ›› General ›› iPad Cover lock/unlock ›› Off). 

Don’t forget to patch!

Copyright © SC Magazine, Australia


(Not so) Smart Cover
Tags
 
 
 
Top Stories
First look: Microsoft Outlook for iOS
[Update] Office productivity suite for iOS completed with Outlook.
 
NewSat defaults on $26m in overdue Lockheed payments
Jabiru-1 satellite build hits further hurdles.
 
IBM denies plans to cut 112k jobs
But admits to further restructuring.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  36%
 
Your insurance company
  5%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  4%
 
A Federal Government agency (ATO, Centrelink etc)
  18%
 
An Australian law enforcement agency (AFP, ASIO et al)
  14%
 
A State Government agency (Health dept, etc)
  7%
TOTAL VOTES: 3096

Vote
Do you support the abolition of the Office of the Information Commissioner?

   |   View results
I support shutting down the OAIC.
  27%
 
I DON'T support shutting the OAIC.
  73%
TOTAL VOTES: 986

Vote