Apple promises fix for iPhone bug that lets children access blocked content
Unsplash: Onur BinayA bug that allowed iPhone and iPad users to circumvent Screen Time access control is being fixed four years after it was first reported.
Apple has finally agreed to fix the Screen Time bug in its future iOS updates. This bug allowed users, especially children, to bypass the screen time limits set by their parents and access blacklisted websites.
The bug was first reported in 2021, but Apple has let it remain unchecked. However, following the report by Joanna Stern in The Wall Street Journal, Apple issued a statement saying it “takes reports of issues regarding Screen Time very seriously and have been consistently making improvements.” It has also confirmed “substantial Screen Time fixes” in the latest iOS 17.5 release.
The bug allowed children to gain access by prefixing a set of special characters into the URL of the blocked website on the Safari browser.
The same sequence of characters reportedly worked even with corporate web blacklisting on phones, and device management apps on computers.
The report states that security researcher Andreas Jagersberger and colleague Ro Achterberg reported this bug to Apple’s security team in March 2021. However, Apple directed them to file a general report via the company’s feedback tool rather than accepting it as a security issue.
When the same bug was highlighted again as a security issue, Apple reportedly said, “We do not see any actual security implications.”
After spending three years filing various reports, suggesting a fix, and failing to get Apple’s attention, the researcher duo reached out to the Wall Street Journal. Stern confirmed the bug and got a promising response from Apple.
Several other issues were highlighted to Apple, including usage tracking and app limits. To which Apple has responded, “Our work is not done, and we will continue to make updates in upcoming software releases.”