AppleInsider Staff
Apple this week rolled out new parental control features as part of iOS 13.3, but one of the most touted, Communication Limits, is easily defeated thanks to what appears to be a bug related to iCloud syncing.
Communication Limits debuted with iOS 13.3 on Tuesday and allows parents greater control over who their children talk to, text with or FaceTime.
The feature is two-pronged and blocks incoming and outgoing communications from anyone not in an iPhone's Contacts list, while restricting users — kids — from adding contacts without first entering a security PIN. When enabled, Communication Limits prevents children from talking to non-vetted contacts.
A bug, however, renders those protections largely useless.
Discovered by CNBC, Communication Limits can be bypassed if an iPhone's contacts are not synced with iCloud by default.
To demonstrate the flaw, CNBC tapped on an incoming text from an unknown number. As designed, a full-screen "Restricted Contact" pane appeared, but the page was easily bypassed by tapping on an "Add Contact" option. Adding the new contact to iPhone's Contacts list enabled unfettered access to the number.
Children can also use Siri on Apple Watch to text or call any number, even those not in the Contacts list of a paired iPhone.
CNBC found the above methods do not work when Downtime is enabled.
Apple in a statement said it is working on a fix, but failed to offer a timeline for release. In the meantime, parents can avoid the bug by changing an iPhone's default contacts syncing service to iCloud.
Malcolm Owen
William Gallagher
Charles Martin
Christine McKee
Wesley Hilliard
Andrew Orr
8 Comments
Apple's parental controls have always been a little buggy, but then again, how are the other guys on parental controls?... these seem like pretty obvious loopholes, but at least they’ve acknowledged it and are working on a fix.
Screen Time is more than a year old, but is still so damn buggy. Awesome feature but useless because of bugs. How much time does Apple need to make it work? My kids are growing up and can't wait.
This was missed because most people using these controls have Downtime enabled.
Last I checked (prior to 13.3), in my case, App Limits didn’t provide enough specificity to be useful. So Downtime was always enabled. And even then, Siri is still a problem because it is exempt — the young adult with autism living in my household will still stay up half the night talking to Siri even though Siri is cut off from most apps during Downtime. So I still have to go in and take the devices away. I guess it’s a safety feature, but it would be nice if there were a way to opt out of it.
And yet the whole Downtime thing is still a joke anyway. Why? You cannot prevent a kid from changing the clock on the phone! Downtime kicks in at 8 p.m.? No problem! Change the iPhone's clock back a couple hours. With my teenager, we've resorted to having him give us the phone at 8 p.m. each day and we charge it in a locked room.