backtop

Print E-mail del.icio.us 13 comment(s) - last by blacklace510.. on Aug 31 at 5:05 PM
Apple iPhone 3g owners, look out... there's another flaw you need to know about!

Apple has promised to fix an iPhone security flaw that lets people bypass a password designed to protect personal information on a user's phone.  

First discovered by MacRumors and confirmed by Gizmodo, the flaw also affects iPod Touch owners.  Specifically, users simply tap the "Emergency Call" button on the password-entry screen, and then tap the home button twice.

Doing this will allow the person to have access to a user's favorites and a list of contacts.  Clicking on any contact's name will reveal the person's phone number and will have access to the phone function -- i.e. clicking on the e-mail function will let the person send an e-mail to the contact.

While Apple works on an official patch to fix the issue, iPhone or Touch owners can go into the settings and change it so a double click on the home button will go back to the home screen instead of the favorites section.

The security problem doesn't give a mischievous person full access to the phone, but attackers can still wreak havoc by copying personal information and possibly racking up costly data charges on the phone.

A similar flaw appeared last January, and Apple fixed it, but users were dismayed to see that it has reared its ugly head again.  Apple has put a stronger emphasis into trying to get the iPhone into the corporate world, but security issues like this one make it difficult for companies to want to use the iPhone.

Comments     Threshold


This article is over a month old, voting and posting comments is disabled
WM 6
By Smilin on 8/29/2008 10:03:35 AM , Rating: 5
Apple is still getting this all figured out. It's only their 2nd phone. My Windows Mobile device (up to 6th version) allows emergency calls, plus calls to numbers I specify only. No workaround that I've ever heard of. The data on it is also encrypted and it can be remotely wiped if it's ever stolen. Failure to enable these settings also prevents it from attaching to my corporate network.

The iPhone is a *great* toy for consumers but it's going to take more than an Exchange connector to make it ready for the enterprise.




RE: WM 6
By audiomaniaca on 8/29/2008 11:16:44 AM , Rating: 2
Amen!


RE: WM 6
By daftrok on 8/29/2008 12:04:07 PM , Rating: 3
Couldn't have said it better myself. Apple has a long way to go before it can be considered a reliable phone hardware company.


RE: WM 6
By hiscross on 8/29/2008 12:13:36 PM , Rating: 2
You better read what has been said in the post above. The current issue that the iPhone has is available on other devices. Taking those comments literally, then other devices have a serious security issue and are not ready for the enterprise.


RE: WM 6
By michael2k on 8/29/2008 12:37:44 PM , Rating: 1
Well, on their second phone attempt they do have:
1) Emergency calls
2) Remote wipe
3) Exchange connector

So all it seems to be missing is encryption, list of prespecified numbers, and of course, bug fixes.


Lots of iPhone coverage
By Flunk on 8/29/2008 12:39:10 PM , Rating: 2
Is if just me or does DailyTech cover the iPhone like it's the second coming? Either the iPhone is the worst, buggiest phone on the market or DailyTech is over-covering it. Seriously, there are other phones and topics to report on.




RE: Lots of iPhone coverage
By ted61 on 8/29/2008 4:59:10 PM , Rating: 2
The Dailytech writers all want iphones but they can't afford them. If you can't afford it, write about it.

Out here in the San Fran bay area, Steve Jobs is like a god! At work, we are not allowed to buy bose computer speakers but we can buy a bose ipod dock.


RE: Lots of iPhone coverage
By michael2k on 8/29/08, Rating: 0
RE: Lots of iPhone coverage
By lagitup on 8/30/2008 11:23:59 PM , Rating: 3
Try taking the iCock out of your mouth before talking next time...makes it *so* much easier to hear you =)


RE: Lots of iPhone coverage
By audiomaniaca on 8/31/2008 5:51:03 AM , Rating: 2
What a bunch of crap you say. Have you ever seen or heard about windows mobile and palm OS? I'm sure you have.

People like you are the same that keep saying that Apple invented the mouse, the graphic user interface and the mp3 player.


My BlackBerry does the same thing
By hiscross on 8/29/2008 8:48:16 AM , Rating: 2
I have a BB 8703e that is given to me by my company. We have a policy to passwd protect our mobile phones. I've always had the capability to make calls from a locked phone, plus look up any name in the address book. Maybe the iPhone security issue is deeper than that.




By jimbojimbo on 8/29/2008 2:02:48 PM , Rating: 2
You're allowed to do those things because they are allowed in the policy. The enterprise server can lock it all down if they wanted to.


IPhone Buyers Beware
By blacklace510 on 8/31/2008 5:05:58 PM , Rating: 2
There are a few details that you wont be told when you buy an IPhone: (1) the phone cannot be insured. (2) the speakers dont work well (3) the phone cannot subscribe to mobile backup, an AT&T services to backup contacts to a website and make them available for download should you lose your phone. The IPhone is no longer available in local stores, you have to order it. THE BIGGEST FALSE STATEMENT OR OMISSION IS THAT THE30 day buyer remorse doesn't begin when you receive your IPhone and activate it. IT BEGINS WHEN YOU ORDER THE PHONE AND AT&T WILL NOT ALLOW A RETURN AFTER 30 DAYS OF ORDERING THE PHONE ALTHOUGH IT COULD TAKE UP TO 3 WEEKS TO RECEIVE THE PHONE. JUST SO YOU KNOW....




"If you mod me down, I will become more insightful than you can possibly imagine." -- Slashdot









botimage
Copyright 2009 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki