Print 30 comment(s) - last by DKantUno.. on Oct 28 at 2:51 PM

Anyone can gain access to call history and other private info on iOS 4.1

Commenters on Mac Rumors forums are reporting that Apple's iOS 4.1, the current software running on the iPhone, contains a security loophole that allows anyone who knows the easy trick to bypass the passcode entry screen and gain access to the Phone app.

Here's how it works: At the passcode entry screen, select "Emergency Call." Input any number, hit "Send" and the phone's sleep button in quick, almost simultaneous, succession. You will now have full access to the Phone app, which includes Contacts, Call History, Voicemail, and the Dialer. If you hit "Share Contact" and the camera button, you will also gain access to the Photos app. Simply hitting "Share Contact" or "Email" will allow you to send an e-mail or MMS, Boy Genius adds (see video). And that's about all you can do.

According to The Unofficial Apple Weblog, the loophole doesn't exist on the beta version of iOS 4.2, so it's possible that Apple is already aware of the problem. TUAW also makes the common sense point that the best way to ensure the security of your iPhone (or any other device that may contain sensitive information) is to prevent anyone from gaining physical access.

Then again, iPhone users may not need to worry about someone happening upon their lascivious text messages in the near future, if Apple does indeed implement its recent patent that prevents "sexting".

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

RE: So What Here??
By JasonMick on 10/26/2010 10:11:37 AM , Rating: 5

What is the big deal here? What do you expect when you, willingly or erroneously, handover physical custody of your phone to someone else? It’s not like they gained access to the data remotely.

Remember the Android Wall paper App that sent detailed contacts data to China from Millions of unsuspecting Android phone users (July-2010)? That was a SERIOUS SECURITY BLUNDER than accessing call logs locally.
Here is DT's own article on the subject ---(

The spy Wallpaper was downloaded by "between 1.1 million and 4.6 million” .
And despite that, 47 percent of Android apps STILL collects some sort of user information (without their knowledge).

A bit defensive? Perhaps you should do some reading on the concept of password protection.

Most phones are protected by passwords, e.g. the Android OS phones you mention. That way if your phone is lost, you aren't as f*cked, and can rest assured that your personal information is relatively safe from the average crook.

The Android apps in the article you reference DID NOT collect your voice mail passwords or call history. There was an erroneous report in VentureBeat that suggested as such, but this has since been clarified.

And note that Google swiftly issued a statement and removed the offending apps. Here Apple has done nothing and is pretending the problem doesn't exist. That the key difference between Google and Apple. Google's actions at least show it actually cares about protecting its customers, whereas Apple's actions thus far have indicated that it wouldn't give two ish1ts about its customers' security.

But if you're good with inferior products and service hey, no one's stopping you from embracing your beloved insecure, defect-prone technology and potentially paying the price...

RE: So What Here??
By bug77 on 10/26/10, Rating: -1
RE: So What Here??
By kmmatney on 10/26/2010 12:07:49 PM , Rating: 1
The iPhone was certainly meant for business use, on some scale. My company has been switching over, and its been working out great. Most of us have the phone reset itself if the wrong password is entered too many times.

If this flaw allowed users to access your email, then it would be very bad indeed, but contact and call log info is not so bad. I think the Android phones, with the swipe password are a bit worse, as if the swipe streaks can be on the screen, then you get access to everything.

To be honest, though, if you lose your iPhone, the phone itself is the mnost valuable item to the their. I'm sure they would be most interested in just resetting the device, and reselling it for a nice profit.

RE: So What Here??
By bug77 on 10/26/10, Rating: 0
RE: So What Here??
By Luticus on 10/26/2010 1:15:43 PM , Rating: 2
Nice attempt at trying to sweap a huge security flaw under the rug for apple! :-0

RE: So What Here??
By bug77 on 10/26/2010 5:41:55 PM , Rating: 1
I wasn't trying to sweep anything under the rug. I was just saying, Apple makes money by focusing on stuff that brings money. Security isn't on the top of that list. Just look at the spec sheet or product reviews for any phone: security isn't listed. Why? Because people don't care about it. They say they care, they act shocked when a flaw is found. But who buys a phone based on security?

RE: So What Here??
By Luticus on 10/27/2010 8:47:09 AM , Rating: 2
Security isn't on the top of that list.
I can tell.

Look, the simple fact is that when I buy a phone or any device I’m trusting it to not only work as intended but I’m also trusting it with anything personal that I happen to enter into the device. Clearly these two major facts are currently flawed with the iPhone right now. This isn't to say that apple won't fix it (I’m sure they will), but that in the mean time I’d be keeping a very close eye on my phone if I were an iPhone user. I'm just laughing that their perfect "bug free ultra secure" existence is being exposed for what it is... a complete fabrication!

I give apple crap for things like this because they give windows crap for things like this under the pretense that they don't Mac and Mac products don't have these kinds of problems. Apple tries to portray themselves as elitist and "better" and clearly (as shown here and many times before) apple products are just a man made and just as flawed as everything else out there. All that extra money isn't going to the "quality of the apple product tax", it's going right into apple's pockets as part of their profit margin and this is evidenced by the vast amount of articles I’m seeing that mirror these kinds of issues throughout the apple product line. Yellowed screens, over heating, band aids for signal, failing video cards, security flaws, exploits, jail breaking, and many more! Apple is NOT a Lexus, it's an old jaguar... looks pretty but I’ll be on a tow truck before long.

"If you can find a PS3 anywhere in North America that's been on shelves for more than five minutes, I'll give you 1,200 bucks for it." -- SCEA President Jack Tretton
Related Articles
Apple Granted Patent to Block Sexting
October 13, 2010, 9:30 AM

Latest Headlines
Inspiron Laptops & 2-in-1 PCs
September 25, 2016, 9:00 AM
The Samsung Galaxy S7
September 14, 2016, 6:00 AM
Apple Watch 2 – Coming September 7th
September 3, 2016, 6:30 AM
Apple says “See you on the 7th.”
September 1, 2016, 6:30 AM

Most Popular ArticlesAre you ready for this ? HyperDrive Aircraft
September 24, 2016, 9:29 AM
Leaked – Samsung S8 is a Dream and a Dream 2
September 25, 2016, 8:00 AM
Inspiron Laptops & 2-in-1 PCs
September 25, 2016, 9:00 AM
Snapchat’s New Sunglasses are a Spectacle – No Pun Intended
September 24, 2016, 9:02 AM
Walmart may get "Robot Shopping Carts?"
September 17, 2016, 6:01 AM

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki