New bug in iOS 13.3 allows kids to circumvent Communication Limits parental controls

Another week, another iOS update, and another round of software bugs. However, a new bug allows users, including children, to easily circumvent parental controls set up in the Communication Limits feature. 

As reported by CNBC, iOS 13.3 includes a new feature called Communication Limits. The feature is supposed to allow parents to block the phone from contacting people not already listed in the device’s contacts library. Parents can also block the addition of new contacts unless a PIN is entered. 

However, there’s a fairly simple way to bypass the feature: just don’t sync contacts to iCloud. 

If the phone is set up to either sync contacts to a third-party service (like Gmail) or only store contacts locally on the device, users can then add unknown or unapproved numbers that send text messages to the phone. Once the number is added to the contacts library, the user can then call, text, or FaceTime that number without any request for verification. 

CNBC also discovered that users can bypass Communication Limits by using an Apple Watch. Telling Siri to call or text a number through a synced Apple Watch completely ignores the contact list check.

Apple responded to CNBC, saying:

This issue only occurs on devices set up with a non-standard configuration, and a workaround is available. We’re working on a complete fix and will release it in an upcoming software update.

In the meantime, parents that want to shut down the bypass can manually set their child’s phone to sync contacts to iCloud by going into the “Contacts” page in Settings. Changing the default account to sync to iCloud should prevent children from circumventing Communication Limits.