iOS 5 security flaws uncovered, highlights Sophos

iOS 5 Security Flaws

If iOS 5 powered devices serve as the main work companion for business folks on the move who happen to be ardent Apple fans, then there may be reason to worry, according to the latest from Sophos. Apparently, the AES 256 encryption security flaw that iOS 4 was marked with continues to haunt iOS 5 devices as well.

During the encryption of data, iOS 5 powered devices are said to allow access without asking for the concerned passcode or the encryption keys. Additionally, if the iDevice is plugged into a PC that’s friendly with Apple’s control protocol, then the media files can easily be accessed without calling for authentication. The media files being referred to cover everything from photos to videos to sound recordings and music. The Sophos’ Naked Security blog highlights other flaws in addition to Siri being enabled by default when the iPhone 4S is locked.

The post mentions that last week saw issues with the iPad 2 surface wherein the gadget could be accessed without the passcode being put in. This can be done by using the Smart Cover as demoed by 9to5Mac. Well, what can we say but that the cover doesn’t sound so smart now. Thankfully for the iPad 2 users, it can be fixed. They are required to follow certain steps in order to disable the auto-unlock when opening the Smart Cover. Otherwise, certain portions of the data on the device can be accessed even when the user thinks that the gadget has been locked.

The Sophos Naked Security post digs up news from MacNotes.DE to share that unauthorized outgoing phone calls can be made via the iPhone running iOS 5. In case there is a missed call notification on Apple’s newest smartphone, then a call could be made without even having to unlock the device. So if a user’s Apple gadget possesses confidential data, they may probably be better off keeping it close until the company looks into the reports.