iOS 4.1 security bug: bypass passcode entry and access Phone, Photos apps
If you've got a passcode entry set on your iPhone, you might think it could block nefarious or mischievous people from accessing any part of your iPhone. Not so. We've been made aware of a security flaw in iOS 4.1 that allows users to bypass the passcode entry screen and gain direct access to the iPhone's Phone app. It's not just hype either: this is easier to pull off than the Konami code.
How it works: when the passcode entry screen comes up, tap "Emergency Call." Input any number you like, then tap "Call" and click the iPhone's sleep switch in quick succession (to get this to work, I had to perform the two actions almost simultaneously). If you've done the "trick" properly, you should now have full access to the iPhone's Phone app, including contacts, keypad, and calling history. What's more: tapping "Share Contact" and the camera icon will give you access to the Photos app. That's the extent of your access -- hitting the home button doesn't do anything at all -- but it's bad enough.
According to Daring Fireball's John Gruber, this bug isn't reproducible on the latest iOS 4.2 beta, so it's possible Apple was already aware of the security bug and has fixed it in 4.2. Until 4.2 is released, the best thing you can do is take our own Dave Caolo's advice: physical access is total access, so the first and most vital step to making sure people can't access your sensitive information is making sure they can't access your iPhone at all.
Subscribe to Newsletter
Software Updatesmore updates
- Camera+ 5 adds 'The Lab' in free update (Updated)
- Scout iOS navigation app is updated with hands-free voice commands
- Just in time for the holidays, iBooks Store adds the ability to send iBooks as gifts
- Just Sing It update polishes the best social karaoke app for singers, fans
- Evernote adds new premium features including business card scanning and presentation modes
- Dropbox updates to support PDF annotations and better integration with iWork