News
iOS 4 security flaw allows iPhone users to bypass lock screen
By Jesse Hollington
Applications Editor, iLounge (Google+)
Published: Tuesday, October 26, 2010
News Category: iPhone
A MacRumors reader has identified a security flaw in iOS 4.1 that would allow users to bypass the iPhone lock screen. Attempting to place an emergency call to a non-emergency number and immediately pressing the sleep/wake button on the iPhone will open the Phone app, allowing the user to access contacts, call history, voicemail and call any number. The user will not be able to leave the Phone application and access other data on the device, and must either reboot the device or place and end another call to return to the normal lock screen. iLounge has confirmed that this issue exists in iOS 4.1 on all models of iPhone and have also received reports that the problem exists in at least some versions of iOS 4.0. Notably, John Gruber reports that the problem does not exist in iOS 4.2 beta 3, suggesting that Apple may have already identified and fixed the security flaw. Note that this issue does not affect the iPod touch as it has no Emergency Call feature.
Related Stories
- Sony launches Music Unlimited for iOS
- Tweetbot adds Nearby tweets, Keyword mute filters + more
- Facebook releases Facebook Camera
- Bump adds photo to computer transfers
- Sharp to supply tech for Foxconn iPhone display plant
- Infinity Blade II: Vault of Tears update released
Comments
If you have a comment, news tip, advertising inquiry, or coverage request, a question about iPods/iPhones/iPad or accessories, or if you sell or market iPod/iPhone/iPad products or services, read iLounge's Comments + Questions policies before posting, and fully identify yourself if you do. We will delete comments containing advertising, astroturfing, trolling, personal attacks, offensive language, or other objectionable content, then ban and/or publicly identify violators.
Recent News
- Pulp adds iCloud sync, new Home Page
- WordPress for iOS adds Push Notifications
- Sony launches Music Unlimited for iOS
- Apple device poll ends, computing poll begins
- Fruit Ninja adds new features and power-ups
- Apple to sell Nest Learning Thermostat
- Third-gen iPad to launch in Guam, Philippines May 29
- Apple tweaks App Store with Editors’ Choice, Free picks
- Panic releases Diet Coda
- Booq rolls out new Folio for iPad
Recent Reviews
- Pelican i1075 Hardback Case for iPad
- Skinit Skins for iPad (3rd-Generation)
- Spigen SGP Steinheil Ultra Optics Screen Protector for iPad (3rd-Gen)
- ZeroChroma VarioProtect for iPhone 4/4S
- BodyGuardz UltraTough Clear Skins for iPad (3rd-Gen)
- Wrapsol Original + Ultra Hybrid Protective Film for iPad 2/iPad (3rd-Gen)
- iBattz Mojo Removable Power Card Wallet
- dreamGEAR i.Sound Power View Pro S 2.1A Dual Charging Dock
- dreamGEAR i.Sound Universal Power View
- Sena Cases Florence Portfolio for iPad (3rd-Gen)
Recent Articles
- Removing music from iTunes after copying to iPod
- iOS Gems: Farm 123, Facebook Camera, Scribblenauts, Shoot the Zombirds + Virtua Tennis Challenge
- iTunes TV show size totals don’t match actual disk storage
- Consolidating Multiple iTunes Libraries
- Converting Purchased Videos to 1080p HD
- Find My Friends always reports home location
- Creating an iTunes Match library from an external hard drive
- Benefits of keeping apps in iTunes when using iCloud
- Recovering iTunes from an External Hard Drive
- Normalizing volume levels for Voice Memos
1
Strange that some people can’t reproduce the problem. I can’t on my iPhone 3G with iOS 4.1 installed.
Posted by Ted Wood on October 26, 2010 at 7:28 AM (PDT)
2
There may be other factors involved, however we have been able to reproduce it easily on several iPhones of various models using iOS 4.1.
Posted by Jesse Hollington in Toronto on October 26, 2010 at 7:33 AM (PDT)
3
I was able to expolit this flaw on an iphone 4 with ios 4.1 installed.
Posted by Khaled on October 26, 2010 at 11:42 AM (PDT)
4
Just tried it. Immidiately pressing the lock button after taping the phone icon, i easily reproduced the results
Posted by miles po on October 26, 2010 at 11:43 AM (PDT)