iOS 13.3 Communication Limits Can Be Bypassed

iOS 13.3 introduces new parental controls, including the ability to limit a child’s contacts. A defect in the release could enable your children to call or text strangers.

By Chand Bellur

December 24, 2019 at 5:15 p.m. PDT

Astonishingly Easy to Thwart Restricted Contacts

Apple is well known for embracing security and privacy. With a business model based on selling devices and services, there’s no incentive to sell your personal data. Marketed to families, Apple products are designed to give parents peace of mind that their children are protected.

As iOS releases become more complex, increased defects tend to be introduced. Apple’s newest feature, Communication Limits, contains a bug making the feature embarrassingly easy to thwart.

When a supervised iPhone user is contacted from an unknown number, the Communication Limits feature kicks in, displaying a message that the contact is restricted. Unfortunately, simply adding the number to Contacts allows anyone to bypass this rather permeable barrier.

The defect only affects a small portion of iOS users, who have non-standard setups. Most families are not exposed to this security flaw.

How to Fix Communication Limits Security Flaw

The underlying reason why unknown contacts can get through is understood. It has to do with how iCloud contacts are synchronized. If contacts are not stored to iCloud by default, they’re not sync’d to Apple’s servers. When a restricted contact is added as a new contact, they’re trusted by default.

The defect seems to be that contacts that are only stored on the device, such as those newly created, are no longer evaluated as restricted. Apple can easily fix this flaw, but, for now, there’s a quick workaround.
On your child’s phone, tap on Settings > Contacts then select Default Account. Next, change this to iCloud. If it’s already set to iCloud, your child’s device shouldn’t be affected by the defect. For those who changed it to iCloud from another service, the flaw is now effectively fixed.

You Should Still Upgrade to iOS 13.3

Even though iOS 13.3 parental controls can be easily bypassed, it’s still worth updating your iPhone to the new release. The flaw affects few users. Most children won’t figure out how to bypass the Communication Limits feature. It’s better than nothing.

iOS 13.3 also introduces other new features and fixes several bugs. Many remediated defects solve security flaws, making iOS 13.3 an essential software update.

