Serious Flaws of iOS 11.2 HomeKit Left Smart Locks Vulnerable

Within days of Apple revealing their plans for the iPhone 8 and the iPhone X, they followed up this announcement with the release of iOS 11. As great as this update is, there have been a few issues with it in recent weeks. The most recent issue which iPhone users have experienced is with their HomeKit smart lock systems. iOS 11.2 was released in order to fix an issue which caused iOS to get stuck on an iOS restart loop.

What is the iOS 11.2HomeKit Security Issue?

iOS 11.2 homekit

Before we get into it, know that this security issue has been addressed and fixed by Apple, and wasn’t easy for hackers to take advantage off. The issue was with a HomeKit vulnerability which gave unauthorized iPhone users the chance to connect with other iOS devices which were connected to a HomeKit system. As a result, anyone who knew how to take advantage of this security loophole would be able to use any smart-home features which were connected to the victim’s HomeKit system.

Any devices at all which were connected with a HomeKit system could be interacted with, meaning that if you had a smart lock (on either your garage, front door, or both), then you’d be at risk of being robbed.

For Apple to effectively deal with the security issue which was discovered, they decided to temporarily suspend HomeKit access – this allows them to prevent any more users from being affected by the problem while they fixed it. While the issue has been fixed and their security was upgraded during the outage, Apple has stated that some HomeKit features will be unavailable for the time being so that they can upgrade their security for all HomeKit features, further preventing future security problems.

Let’s Discuss The Serious Security Issues of iOS in History

Below we have detailed some of the most significant iOS problems which have impacted iOS users over the last few years.

iOS 8. While not a security issue, it was discovered a few years ago that if certain characters were sent via iMessage, the recipient’s device would crash when they opened the message and reboot. This caused a lot of inconvenience for iPhone users and made them question Apple’s security procedures.

iOS 9. iOS 9 became victim to several security threats during its time. The “Pegasus” malware jailbroke devices without the device user knowing, then run in the background while collecting text messages, passwords, account information, and any data that was entered into the device. About a year later, the “BroadPwn” attack occurred which allowed hackers to control other iOS devices – both of these were fixed within days of being discovered.

iOS 10. With iOS 10, backups were not being stored efficiently and as a result, iTunes was taking up more storage space and iTunes backups weren’t encrypted as strongly as they were in the past. Fortunately, iCloud accounts weren’t impacted by this.

iOS 11. The two recent vulnerabilities with iOS 11 are the HomeKit issue, which we have detailed above.

As shown above, almost each update of iOS has something related to the security issues. It’s very significant that our iOS users take care of our privacy and take action to protect ourselves from being leaked.

How iOS Users Can Protect Privacy from Being Attacked

Considering that there has been a fair number of security breaches with iPhone’s and other Apple services in the past, it’s only natural that you’d want to take steps to lessen your vulnerability.

Way 1 Wipe Your iPhone Data with 0% of Recovery

This is particularly important especially when you’re going to be getting rid of your iPhone, selling it, or recycling it. By erasing your data from iPhone, you are ensuring that it doesn’t fall into the wrong hands and that it isn’t recoverable.

Even using the built-in iOS factory reset feature simply isn’t enough as your data is still recoverable. For this reason, we recommend using iMyFone iPhone Eraser for Win/for Mac – a program which is designed purely for erasing data completely.

Try It FreeTry It Free

3 Steps are Required to Permanently Erase iPhone Data:

Step 1. Link your iPhone to computer and choose one of the 5 erasing modes, like “Erase Private Data”. (If you want to thoroughly reset your device, choose “Erase All Data”.)
Step 2. Let it do in-depth scanning of your device. Preview your iPhone data and select unwanted files.
Step 3. Simple click “Erase” button and confirm to begin the erasing process.

Erase Private Data

All Options on iMyFone iPhone Eraser:

  1. “Erase All Data” mode is similar to a normal factory reset but does more to make all the data unrecoverable.
  2. The “Erase Deleted Files” option permanently removes files which you previously deleted, which could be recovered.
  3. “Erase Private Data” allows you to view and efface private messages, contacts, call logs, photos, videos, note, WhatsApp chats, erc.
  4. Apply “Erase Private Fragments” if you use third-party apps, to completely wipe all the private traces left behind.
  5. With the “One Click Cleanup” feature, you can remove junk/temporary files, backup and delete photos and large files, compress photos, uninstall apps in bulk, which is filling up your storage space.

Way 2 Turn On Find My iPhone

If your iPhone is stolen or lost, your personal data will be at risk. When the “Find My iPhone” service is activated, you can sign into the iCloud panel and quickly locate your device. Just simply go to “Settings > iCloud” to activate it.

Turn On Find My iPhone

Way 3 Auto-Wipe iPhone Content

As daunting as this might seem, enabling the feature which automatically wipes your iPhone device after so many wrongly entered passcode attempts could prevent unwanted hands from getting access to your device.

To enable the auto-wipe feature, go to “Settings > Touch ID & Passcode > Erase Data”.

Erase Data

Way 4 Disable Siri

It was recently discovered that Siri had a security flaw which allowed personal data to be given even when an iPhone was locked, and password protected. While this has been fixed now, it’s worth turning Siri off as a precaution.

To turn off Siri, go to “Settings > General > Siri” and disable any of the options you don’t want to use.

Disable Siri

Way 5 Don’t Jailbreak Your iPhone

Jailbreaking your iPhone disables a lot of built-in iOS security measures, thus significantly decreasing the overall security of your device. Avoid jailbreaking your iPhone and downloading third-party (and potentially dangerous) apps.

Way 6 Revoke iOS App Permissions

When you first install an app, you will be prompted to allow certain permissions. Some of these permissions can be intrusive so if you believe it’s unnecessary, revoke the app’s permissions.

To revoke iOS app permissions, go to “Settings > Privacy” and tap on the specific app that you want to revoke permissions from.

Revoke iOS App Permissions

Way 7 Don’t Open Unfamiliar Links

Tapping on an unfamiliar link can take lead to dangerous websites which silently download malware in the background, and gather your personal data without you being aware of it. Simply don’t open any links that you aren’t sure are safe.