In association with heise online

19 February 2013, 10:13

Access restriction in iOS 6 partially useless

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

iOS6 settings restrictions
Zoom The small padlock should indicate that all account details in iOS 6 are locked down - but they're not.
Just a few days after publication of a method for bypassing the passcode on iPhones, another security vulnerability in iOS has been revealed. Users can change the iTunes and App Store accounts even where the system settings have been configured to block such changes.

The update to iOS 6 introduced several new options for restricting the mobile operating system, including the ability to block changes to the accounts enrolled on the device. Designed with institutional users of iPhones and iPads in mind, if this feature is activated, device users can neither set up new accounts nor modify or delete existing accounts. As well as the accounts for Apple's online stores, this also affects accounts such as email and Facebook accounts. Or at least it does if you want to use the system settings to make these changes.

In securing the system, however, Apple appears to have overlooked something – the iTunes and App Store apps pre-installed on every iPhone. Open one of these two apps and scroll down to the bottom of the overview page and the relevant account can simply be changed here. This is a problem in particular for businesses and parents wishing to use the block to prevent installation of unauthorised software.

According to 9to5mac, Apple is planning to rectify this oversight in a forthcoming update, but has declined to reveal when this will occur. Until then, the only workaround is, as under iOS 5, to block app installation completely.

(djwm)

Print Version | Send by email | Permalink: http://h-online.com/-1805842
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit