Update: An Apple spokesperson told Wired that the security flaw will be patched in the forthcoming iOS 4.2, which is due in November.
Even when you’ve activated its passcode lock, your iPhone and its call data may not be as secure as you hoped: a newly revealed flaw lets strangers bypass the device’s lock screen using the Emergency Call functionality.
As demonstrated in a video (embedded below) made by a Brazilian iPhone user—and confirmed by Macworld and several other outlets—a simple sequence circumvents the password security on devices running iOS 4.1. From the iPhone’s lock screen, click on the Emergency Call button, enter a fake phone number (such as three pound signs), hit the green call button, and immediately press both the End Call and the Sleep/Wake button. That flaw will dump you into the iPhone’s Phone app, allowing you access to contact information, voicemail, and other call data.
Fortunately, you can’t get out of the Phone app and gain access to the rest of the iPhone’s software: neither clicking or double-clicking the Home button has any effect, and any attempt to launch Mail, Maps, Safari, Messages, or use FaceTime via the contact records was similarly fruitless. However, you can e-mail any contact information to an arbitrary address by using the Share Contact feature.
As of Tuesday morning, Apple hadn’t commented on the flaw.
Although September’s iOS 4.1 release contained a number of unspecified security upgrades, this isn’t the only security problem the iPhone has faced this month. A study from Pennsylvania’s Bucknell University revealed that roughly two thirds of popular iPhone apps transmit users UDIDs, leading to potential security concerns. UDIDs, or unique device identifiers, are a 40-digit sequence of letters and numbers, and can be used to identify users and transmit sensitive information, unencrypted and to third parties.
This also isn’t the first time the iPhone’s Emergency Call functionality has presented a security vulnerability. In August 2008, a flaw in the 2.0.2 of Apple’s iPhone software made it possible to jump from the Emergency Call screen directly to the Favorites section of the iPhone’s Phone app simply by double-clicking the Home button. That security hole did allow access to other apps as well, and was patched in a subsequent release.
Bug no iOS 4.1 from Salomão Filho on Vimeo.