Well that was quick. iOS 7 has only been out for a day but a lockscreen vulnerability has already been discovered by Jose Rodriguez, who also discovered the iOS 6.1.3 lockscreen bypass back in March. The bug allows someone to access your photos, email, or Twitter account without knowing your password.
The vulnerability works by accessing your iPhone or iPad’s Control Center by swiping up from the bottom of the screen, and opening the alarm clock. Here, hold the power button until the slider appears. Cancel the shut down request and quickly double click the home button to enter the multitasking screen. This allows access to only a few apps like your email, Twitter, or Camera app. The Camera app in particular reveals all of your taken pictures as well as allowing the hacker to share your photos using Facebook, Twitter, Flickr and email.
If you want to guard against this vulnerability, you can go to your iOS device’s settings, find “Control Center” and disable the ability to access Control Center from the lock screen. This is obviously not very convenient but will have to do until Apple fixes the bug.
Update: we have discovered this vulnerability can also grant access to your entire contacts list when you share a photo by email.
Apple has reached out to Forbes to say they’re aware of the issue and are working on a fix.