Glitch in Apple's iOS 4.1 allows iPhone access without passcode
A glitch discovered in iOS 4.1 allows iPhone users to access contacts, call history and voicemail on a passcode-locked handset without knowing the numeric entry required to unlock the phone.
As detailed by Engadget, the glitch can be accomplished on any model locked iPhone running iOS 4.1. Users can access the handset's phone application by dialing a random number from the "Emergency Call" button on the iPhone lock screen, and quickly pressing the lock button after dialing that call.
Upon pressing the hardware lock button atop the iPhone, a user can then access the call history, voicemail and address book on the phone. The glitch works on the iPhone 3G, iPhone 3GS and iPhone 4.
Once in the phone application, neither the lock or home buttons work, and the handset can only be returned to the lock screen by attempting to place a call. However, users can also hold down the home button to access voice control and play music from the iPod application.
Selecting "share contact" and then choosing the camera icon also allows users to view the photo album on the iPhone without having properly unlocked the device with the secure passcode.
The report noted that the glitch is also functional in early beta builds of iOS 4.2. Apple's forthcoming software update for the iPhone, iPod touch and iPad is set for release sometime in November.
As detailed by Engadget, the glitch can be accomplished on any model locked iPhone running iOS 4.1. Users can access the handset's phone application by dialing a random number from the "Emergency Call" button on the iPhone lock screen, and quickly pressing the lock button after dialing that call.
Upon pressing the hardware lock button atop the iPhone, a user can then access the call history, voicemail and address book on the phone. The glitch works on the iPhone 3G, iPhone 3GS and iPhone 4.
Once in the phone application, neither the lock or home buttons work, and the handset can only be returned to the lock screen by attempting to place a call. However, users can also hold down the home button to access voice control and play music from the iPod application.
Selecting "share contact" and then choosing the camera icon also allows users to view the photo album on the iPhone without having properly unlocked the device with the secure passcode.
The report noted that the glitch is also functional in early beta builds of iOS 4.2. Apple's forthcoming software update for the iPhone, iPod touch and iPad is set for release sometime in November.
Comments
This bug doesn't concern me to much, if someone takes my phone & is dumb enough to try & then use it, great! I can find them on GPS as long as the phone is turned on!
At the risk of turning this into an iPhone wish list, there are some other things I'd like to see "fixed":
ICE: It would be fantastic if emergency response personnel could access the ICE (In Case of Emergency) number in the address book without needing the phone's unlock code. Apple could add a button to the unlock screen that displays the ICE record (and only that record) from the address book. Just providing a "Dial ICE" button wouldn't work because there's no guarantee the iPhone will be able to make a cell connection.
EMAIL RINGTONES: I would love to assign a custom ringtone to my boss's email address so I never miss his emails. I get a few hundred emails a day, and would love to not have to pick up and unlock my phone to check emails every 2 minutes.
EMAIL PROFILES: I know this is a geeky Enterprise thing with a limited prospective user base, but I have to ask...I'd like to be able to set up schedule-based ringtone profiles. For example, between 12am and 5am I don't want to hear my email chirp unless it's A) my boss or
Looks like 4.1.1 is coming this week! Prepare for +500MB update.
This is a big complaint about iOS updates. It'd be nice to be able to just patch the OS with the affected files (over the air).
Wow, that's specific, makes me wonder if Microsoft or Google don't have bunch of guys working 24-hours a day trying to find weird little quirks like this. Let the conspiracy theories begin!
This bug doesn't concern me to much, if someone takes my phone & is dumb enough to try & then use it, great! I can find them on GPS as long as the phone is turned on!
Or, somebody could look at your phone while you're away from your desk, and delete some contacts etc. and you'd be none the wiser.
Or, somebody could look at your phone while you're away from your desk, and delete some contacts etc. and you'd be none the wiser.
You've just given me an idea..
Can't be replicated on the latest 4.2 beta. Looks like Apple is aware of it and already has a fix for it.
Good to know.
Nah, she was alright, just, way, way *intense*
It's already fixed in the current 4.2 betas.
I don't expect this to be out in the news, I think the news will all be "OMG TEH APPLE STEALZ ALL UR PHONE INFOZZ!!"
I don't normally get bothered by this sort of thing, but in this article it seems obnoxiously blatant.
EMAIL RINGTONES: I would love to assign a custom ringtone to my boss's email address so I never miss his emails. I get a few hundred emails a day, and would love to not have to pick up and unlock my phone to check emails every 2 minutes.
.
search for 'mailtones' in the appstore .. does exactly what you are looking for ..
nice, again and again the security for apple fails. Even though, we still can sleep soundly, because Apple does not have the viruses as everything else.... At least it was in the commercial...
I keep my Windows machines up to date at least weekly, and I just finished installing 13 "critical" security fixes. These kinds of security bugs happen pretty infrequently on the Mac/iOS, but because of the popularity of the devices and scrutiny from competitors every one becomes a big press piece. If every Microsoft security flaw became an article, you'd have a tough time reading anything else.
In regards to your viruses comment, I've been using Macs and PCs for 25 years now. I've never had a virus on the Mac (and I've never run Antivirus software there), but I've had probably more than 30 on my Windows machines (and that's WITH Antivirus software). It was so bad on our office network that you couldn't even plug a newly-installed machine into the network without getting a virus before you could download and install the AV updates. I got so tired of rebuilding Windows machines (because you can't ever cleanly remove a virus), I got rid of all of them except my BootCamp partitions on my Mac.
Have you read about some of the security flaws with Android? Please.