Wish to peep into the photos of a locked iOS 5 device? All you have to do is know a user who sets the date of his device a couple of days or even weeks late, or find a way to enter the settings page and change the date and voila! you can have access to the pictures on the device.
Someone recently discovered that Apple sets the security of images in an iOS device based only on the date. This means that if you’ve taken some photos today and the date of your device has been changed to say, yesterday, you can have access to all those images taken today without having to unlock your device. That said, it means that if the photo was taken before the actual date (and time, otherwise you would be able to see all the photos taken today), the photos will not be accessible via that method.
Alright, with this bug discovered, all we need is for someone to find a way to the settings page to change the date of the device without unlocking it, just saying.
Of course, that’s not the point of the discovery, according to the founder of the flaw, Ade Barkah, he says that Apple should not rely on such a simple method to protect images on a device.
“The point to all this is that Apple should not rely on a simple timestamp to restrict image access. Changing the iPhone’s clock—forwards or backwards—should not affect its security. We can’t guarantee the clock will always monotonically more forward, and when it doesn’t, the system should fail-secure.”
(Source: Gizmodo)
