As pointed out above, one of the very important requirements for this "exploit" to work was left out of the directions:
Glossed over is the fact that if you don’t allow bypass of the screen locking, you don’t have this problem.
In other words, it REALLY isn't secure to begin with if you allow bypassing screen locking!. That's exactly what this is describing: unlocked, bypassed screens! What do they expect if they TURN OFF SOME OF THE SECURITY????
Default is screen locking on.
This is almost as stupid as complaining that your Jailbroken iPhone is more susceptible to malware and blaming Apple. . .
As I said, it's bogus.
“...As I said, it’s bogus.”
******************************************************
Yes, it is indeed a bogus “security flaw”. But at least it gives another opportunity for Apple haters, like moths drawn to the light, to come and take shots at Apple products.
This exploit revolves around the access to Control Center from the lockscreen. My brand new iPhone 5S came out of the box with the toggle set to allow control center in lock screen. While it is handy to have access there, it should come default set to NOT allow control center in lockscreen. Problem solved.
Oh- ans last night I was notified of an update for my iPhone 5S (iOS 7.0.1). It is primarily for a bug some experienced with using fingerprint scanning to authenticate app store and itunes purchases.
This second bug doesn’t require any user to downgrade security first. It’s on video at the link.
Why is it so hard for you to admit that Apple (like every other software company anywhere) ships with bugs? It’s not like anyone here has accused Apple of being bad (or even worse that its competitors) when it comes to bugs? The only statement anyone made on this thread (that I saw) is that other companies would have faced (unwarranted) media attention for these bugs. You seem very defensive about a very normal occurrence in the tech industry...
That's not quite correct - the default is to require a screen lock passcode, yes. And obviously, if you choose not to use a passcode, then why would you complain about lock screen security?
However, the default setting for Control Center is "Access on Lock Screen" to be enabled. (Notification Center similarly defaults to being available from the lock screen.) In that respect, the default behavior is to use a passcode for the lock screen, but to bypass it for some functions. An exploit that allows access to the full phone or even partial data that uses that would indeed be a security bug that needs addressed.
That said, the more secure option in the first place is to disable Notification Center and Control Center from the lock screen in Settings.