Marc Gurman has discovered a vulnerability on the iPad that allows for a limited bypass of the device’s locked screen. Anyone with a Smart Cover on their iPad can gain access to the previously-open app (or the home screen if no app was open).
Simply hold the power button to bring up the ‘Power Off’ screen, close the smart cover, re-open it, and click cancel, the attacker will be dropped into the screen that was open before the iPad was locked. If the attacker gets dropped into the home screen, then they’ll be able to see the installed apps, but won’t be able to open anything. If Safari or Address Book (or any other app) was the open when the device was locked, then the attacker would have access to that app.
From a locked iPad 2:
1) Lock a password protected iPad 2
2) Hold down power button until iPad 2 reaches turn off slider
3) Close Smart Cover
4) Open Smart Cover
5) Click cancel on the bottom of the screen
Obviously with more and more iPad’s being used in the business world and also in education you can probably imagine the issues this type of vulnerability could cause. Just imagine if your email was the last app open, or your address book with all of your customers 🙂
For now the only way to stop this happening is to disable the “Smart Cover Unlocking” feature, which can be found in Settings>General.
Although I’m sure Apple will be working on a fix for this already.