Sign up for a new account or log in here:
also @ TechSpot: Weekend Open Forum: Imagining Google's own country
Home › News › Mobile Computing
iOS 4.1 security hole allows using the iPhone when it's locked
With the latest iOS 4.1, it appears that Apple has opened up a small security vulnerability: the iPhone's passcode no longer works as it should. If you input a random number in the emergency call field, press call, and then promptly hit the hardware lock button, you will gain access to the Phone app. The issue occurs on all iPhones that can been upgraded to iOS 4.1; the iPhone 3G, iPhone 3GS, and iPhone 4 are all vulnerable.
In other words, even if your phone is locked, you can make non-emergency phone calls from it. This could be easily abused by thieves who use your phone to make expensive calls right after they steal your iPhone. The hole also grants the user access to favorites, contacts, recent calls, and voicemail. Additionally, selecting "share contact" and then the camera icon will give you access to the photo album. Furthermore, if the user holds down the menu button he or she can gain access voice control and play locally-stored music. Here's a video from Boy Genius Report showing the issue:
We expect that Apple will have a fix available by iOS 4.2, though there's no date for that release yet. Currently, the 4.2 beta still has this problem since it has only been recently discovered and sent as a bug report to Apple.
User Comments: 27
Got something to say? Post a comment-
All so worried about keeping Iphones from being jailbroken, Apple leaves this vulnerability wide open. Great job Apple. Why don't you start spending less time protecting your bottom line and spend more time protecting your consumer. And Apple continues to be on my ban list. I will not buy an apple product.
-
So... My passcode is there just to annoy me everytime I wake up the phone from sleep mode... Apple, you should give out rewards to people who find these kind of security issues like this one, and maybe start a program like Mozilla did some time ago...
-
princeton said:
I never use a passcode. I just plan on having my iphone embedded in my arm.
-
Is this really a bug? Sounds more like an 'easter egg' or cheat code.
up down down left right A B B to unlock Flash
-
princeton said:bakape said:
Is this really a bug? Sounds more like an 'easter egg' or cheat code.
up down down left right A B B to unlock Flash
APPLE! Please do. Flash on my iphone would rock!
-
Apple is mostly looks, it's like a glass case with a lock and they expect you to store things in it which people do because apple tells them it's super safe... but it's glass case...sigh
-
frodough said:
but it's glass case...sigh
Yes! A glass case that shatters
-
Why can't they just release a hotfix like 4.1.1 or something instead of waiting until 4.2 is ready?
-
What I find more severe is the fact you can completely reformat an iPhone even if it has a passcode, which should allow for activition if the SIM card is in. No idea how iPhone activation works though...
-
Besides these things apple is releasing new softwares
-
Another apple blunder apple is one company i don't trust and wish they would go under lol. Lets see they make a phone that is messed up and then blame the customer.
-
[Quote] Lets see they make a phone that is messed up and then blame the customer.
Also, don't forget they made a tablet with wifi issues and blamed the consumer's routers.
I honestly wouldn't pick on Apple so much if they weren't so stuck up about how perfect their products are. So I can't help but laugh at their misfortunes.
good job apple, making theft easier and easier...
That seems like a pretty obvious case that should have been checked by QA. "What happens when we hardlock the phone to interrupt an emergency call?"
And Apple continues to be on my ban list. I will not buy an apple product.
You don't know what you're missing out on. 
"Another apple blunder apple is one company i don't trust and wish they would go under lol."
I agree. I can't stand Apple and their owners tick me off. Apple is better than..blah blah blah.
Not a big apple fan but it'll be fun to mess with my machead friend. At least he's not pretentious about it.
This reminds me of the windows 95 hack that let you login to the computer without knowing the password.
im just tired of apple, im either moving to android or win mo 7 next phone.
wow idk how apple overlooked this flaw. for the pricetag on their gadgets, they should protect their users from these kinds of vulnerabilities.
lets go steal an iphone. haha kidding
Just tried it on my iPhone 3GS (fully updated) and indeed this works! just showed the guys at work and since the office is full of iPhones it is now causing a bit of a stire
AppleFanboy said:
And Apple continues to be on my ban list. I will not buy an apple product.
You don't know what you're missing out on.
Oh, but I do.. And it's not worth it..
apple: not good
Yeah - I've been showing this off at work too. Most of the folks here are saying, "who cares? Who said their stuff was secure anyway?" Guess I'm the only one really worried about people making calls to my CIO from my phone.
Till now, we used to hear that the iphone universe is locked down because of security. Now we found out that they can't even design the lock screen in their phone. Awesome
Most Popular
| Trending | Featured |
-
Microsoft launches YouTube app, Google demands it taken down
-
Nvidia Shield arrives in June for $349, pre-orders open now (update)
-
Bill Gates is once again the richest person in the world
-
Asus' new lineup of Z87 Haswell motherboards revealed
-
Google, NASA join forces to build quantum computing laboratory
Featured on Routers
Subscribe to TechSpot
Get free exclusive content, learn about new features and breaking tech news.