Apple iOS 4.1 Security Hole Revealed

From DailyTech: Commenters on Mac Rumors forums are reporting that Apple's iOS 4.1, the current software running on the iPhone, contains a security loophole that allows anyone who knows the easy trick to bypass the passcode entry screen and gain access to the Phone app.

Here's how it works: At the passcode entry screen, select "Emergency Call." Input any number, hit "Send" and the phone's sleep button in quick, almost simultaneous, succession. You will now have full access to the Phone app, which includes Contacts, Call History, Voicemail, and the Dialer. If you hit "Share Contact" and the camera button, you will also gain access to the Photos app. Simply hitting "Share Contact" or "Email" will allow you to send an e-mail or MMS, Boy Genius adds (see video). And that's about all you can do.

According to The Unofficial Apple Weblog, the loophole doesn't exist on the beta version of iOS 4.2, so it's possible that Apple is already aware of the problem. TUAW also makes the common sense point that the best way to ensure the security of your iPhone (or any other device that may contain sensitive information) is to prevent anyone from gaining physical access.

Then again, iPhone users may not need to worry about someone happening upon their lascivious text messages in the near future, if Apple does indeed implement its recent patent that prevents "sexting".

View: Article @ Source Site