An iOS 7 Security Bug Lets Thieves Into Your iPhone 5S With A Fake Thumb
This time we learn via CNET that there's a problem surrounding the fact that Airplane Mode is easy for hackers to exploit. A German security firm called SR Labs posted a YouTube video showing how it's possible.
This exploit requires a thief to physically steal your phone. iOS 7 implemented a new feature called Control Center which lets you enable Airplane Mode without having to enter a passcode lock. This gets it off the grid and out of sight of Apple's Find My iPhone feature. The phone can't be tracked or remotely wiped, and the thief can take his time to crack your passcode lock.
If the thief is unsuccessful, the video demonstrates a process by which you can lift a fingerprint from the phone's screen and use it to create a fake thumb that will accurately unlock the iPhone 5S's fingerprint sensor.
The thief can actually reset the victim's Apple ID password by requesting the reset and enabling the phone's Wi-Fi just long enough to receive the reset email. In the video, they explain that they were successfully able to do this while remaining out of site from Apple's remote wipe capabilities five times on the same phone.
Here's the video for the complete walkthrough: