Security Bug Found in iOS 5

A new security loophole has been found in iOS 5 that could potentially allow any app, coded correctly, to gain access to photos stored on your device. The loophole is related to how iOS handles the Camera Roll and how it is possible to let apps have access to that camera roll.

It works by a user granting an app permission to use the current location. When this happens, the location of photos can be found along with the ability to grab those photos and upload them to a remote server.

“Conceivably, an app with access to location data could put together a history of where the user has been based on photo location, the location history, as well as your photos and videos, could be uploaded to a server. Once the data is off of the iOS device, Apple has virtually no ability to monitor or limit its use.”

We expect iOS 5.1 to be released in the next couple of weeks and also expect to see the loophole closed within that update. We’ll have more details when we get confirmation that the security issue is closed.

Source 1,2

Speak Your Mind