On the day Apple released iOS 15, a Spanish security researcher uncovered a way to bypass the iPhone’s lock screen that attackers could use to access a user’s notes. Jose Rodriguez said he released details of the hack method after Apple downplayed similar issues he reported earlier this year.
Last week, a researcher tweeted that Apple usually estimates reports of such problems at $ 25,000, but the company paid him only $ 5,000 for reporting more serious flaws. Rodriguez said he was referring to the vulnerabilities CVE-2021-1835 and CVE-2021-30699, which Apple fixed in April and May, respectively. These two problems allows attackers to gain access to instant messengers such as WhatsApp and Telegram even when the iPhone was on the lock screen.
Apple, according to Rodriguez, has improved the situation somewhat but has not completely fixed the problems. In addition, the company did not contact the security researcher to clarify whether they close the vulnerabilities. That is why he decided to post a video demonstrating a new option to bypass the screen lock to access the Notes application using Siri and VoiceOver. Thus, Rodriguez became another in a long list of security researchers who criticized Apple for its negligence in the program to reward users for identifying software bugs.
Gizchina News of the week
iOS 15
As expected, Apple has begun rolling out iOS 15, a new version of its mobile software platform, which will soon be available to owners of all compatible smartphones from the company, starting with the iPhone 6S released in 2015. The update brings with it a number of interesting innovations, including the ability to use FaceTime to make calls to Android and Windows devices, improved photo-processing algorithms, and much more.
One of the most notable innovations comes from FaceTime; Apple’s proprietary video chat application, which previously only allowed users of Apple devices to chat. With the release of iOS 15, the situation changed and FaceTime gained support; for making calls to Android and Windows devices. To use this option, you will need to generate a link to the chat in FaceTime; which you can send to anyone in any way possible. By clicking on such a link, the user will automatically join the conversation. It is possible to join the chat only after the administrator’s approval; so that when conducting virtual conversations, the appearance of random people is excluded.
Another change concerns the iMessage app. From now on, links users receive during the day will get automatic transfer to other applications; so that the user can familiarize themselves with them. For example, when someone sends you a link to a news item in Apple News; it will move to the company’s news service. In a similar way, the links coming to iMessage related to Apple Music, Apple Photos; and other branded services will be distributed.