New security flaw in iOS 8 and iOS 8.0.2 allows someone to break into your iPhone unchallenged
A YouTube video reveals a security issue that is plaguing the Touch ID and Passcode security features for iOS 8 and iOS 8.0.2. The flaw springs into action when an Apple iPhone running either build of iOS, is plugged into a computer or outlet. The "Allow Hey Siri" setting must be activated. With everything set in this manner, a stranger can bust into someone's Apple iPhone unchallenged.
We should note that this glitch doesn't always work, but the fact that it does leave an opening that can be taken advantage of, could be enough to scare some iPhone users, especially those using their iOS powered handset in the workplace. To take advantage of the glitch, with the above prerequisites in place, you ask Siri a question. Before she comes up with the answer, you press the home button and swipe to the right, and you just might have used a Jedi mind trick to get past the iPhone's security system.
source: EverythingApplesPro
UPDATE: According to a published report on Monday, this glitch in iOS 8 has turned out to be a fake. What is really happening is that Touch ID is being activated with a slight press of the home button. This also explains why the so-called glitch only worked occasionally.
source: Gizmodo
There are some reasons not to lose too much sleep over this. As we said before, the glitch works very rarely, and requires the particular setup that we described above. And if you keep your iPhone out of the hands of strangers, you should have nothing to worry about. Still, Apple usually doesn't like to leave any glitches floating around, no matter how much of a long shot it might be to exploit them. In other words, expect a fix in the not too distant future.
source: EverythingApplesPro
UPDATE: According to a published report on Monday, this glitch in iOS 8 has turned out to be a fake. What is really happening is that Touch ID is being activated with a slight press of the home button. This also explains why the so-called glitch only worked occasionally.
source: Gizmodo
Things that are NOT allowed: