Huge iPhone Security Flaw Bypasses Passcode Lock

Okay this is pretty serious. A newly discovered security flaw in iOS 4.1 allows you to bypass the Passcode lock on a jailbroken/non-jailbroken iPhone. I tested this myself and it worked on my iPhone 4 on iOS 4.1.

Here’s how the exploit works:

1. On the Passcode screen, go to emergency call.
2. Dial a fake number. I dialed #1337.
3. The moment you see the red “end call” bar press the sleep/wake button. You’ll need to perfect the 1-2 combo.
4. You will then be taken to the Phone app, with full access to calling and contacts. You can share contacts, and that will launch Mail, so Mail contacts are exposed too.

This is pretty serious: someone who bypasses your Passcode can cause serious damage through long-distance calling, and your contacts are wide open.

Apple will most likely release an iOS update, I presume in the next 24-48 hours, to address this.

Bug no iOS 4.1 from Salomão Filho on Vimeo.

Did the security flaw work on your iPhone?

[Macstories, MacMagazine]

Founder and Editor-in-Chief of iPhoneinCanada.ca.

  • IMALIVE

    On JB 4.0.1, this exploit works.

  • Anonymous

    Just tried this—and it works. First try.

  • Tenoarman

    & this is on a closed system, folks. Even though Apple’s had 2 flaws in a week, I still prefer them to Android as mobile viruses are on the way.

  • Chimpoko

    you can open up sbsettings as well if your phone is jail broken.

  • Anonymous

    Yup – pretty serious bug!

  • ZA

    You can set it to not to, though.

  • jwp

    This bug doesn’t seem to exist if you have a passcode that is set by a company policy/Exchange mail server. I can try to do this, but I keep getting a message that states “Emergency Calls Only”. Either that or I’m not doing this correctly.

  • http://twitter.com/SPAzZDoGG Kirk Armstrong

    oh snap..it worked on mine…shiiiit! lol…

  • http://twitter.com/Xaroc  Xaroc

    Wow, that is pretty serious. There were rumors of a 4.1.1 a couple of weeks back for fixing the daylight savings bug, which I figured they would just add in to 4.2, being as its GM release is 2-3 weeks away. But this security issue shouldn’t be put on the shelf. As Gary wrote, I too can see an update coming very soon because of this.

  • Knguncle3

    wrong buddy, I have the company enforced exchange password and this hack still works. This sucks, now I will have to JB and re-setup everything for this patch IOS release. :(

  • Palachu

    If you have multifl0w you can gain access to other apps running in the background

  • Holmes S

    I have a 3GS – couldn’t make that work at all. The end call button just flashes for a second and pressing sleep/wake does exactly that so I end up back to the passcode screen again. Perhaps I’m just not fast enough but it didn’t seem that easy to do.

  • Lbjackal

    So this very serious security flaw requires that the criminal actually has possession of your device. Who would this actually affect? If somebody has your iPhone and you think they would run-up long distance fees through a complicated and deliberate method, shouldn’t you be more worried that they’d simply steal your phone? Or maybe a Russian spy could get a hold of your phone and be able to find your eMail contacts before he gives your phone back… don’t flatter yourselves.

  • http://www.iphoneincanada.ca Gary

    If this exact same security flaw was on the Blackberry, you can imagine it
    would be big news. Regardless, it bypasses the passcode and exposes your
    phone and contacts. If your phone has sensitive company info, that would be
    very valuable.

  • ML

    Good find. I wasn’t able to launch a mail client and/or Facebook (some of my contacts have fb:// links) though. So it’s pretty much limited to my contacts list. Still a very serious security breach.

  • http://twitter.com/meonfire11 Mac

    This also works on 4.0.1 JB

  • SMARTY

    Yup, works. Also, when your phone is locked, you can press the HOME button for over 3 seconds and it launches VOICE CONTROL. At this stage, you can say “CALL HOME” (if you have a contact saved as “HOME” in your contact list), I do, and your phone will dial the number saved under HOME. Or you can just say “CALL” and it will re-dial the last dialled number. This shouldn’t be allowed from the lock screen. PRETTY SERIOUS.

  • http://kairubyte.com/ Kairu

    It works on mine, but since I had to turn on my passcode in order to test… I don’t care, since it won’t affect me.

    I use the complicated “Don’t let others get their hands on it” security method, since I dislike how the passcode breaks my experience.

  • Anonymous

    Tested on iPhone 3G and 4 running iOS 4.1 and it works!
    Jailbroken and non-Jailbroken phones worked. It was easier on the 3G because it was slower; the speed of the iPhone 4 required faster fingers. But with some practice you can get it working.

  • roadcarver

    Oh man!

  • SMARTY

    You can disable it via “Activator”

  • Anonymous

    If you’re stupid enough to leave your phone lying around in public or unsavory places then you get what you deserve.

  • Marc

    Worked like a charm!

  • Tired Guest

    You’re assuming that’s the only way phones get into the wrong hands. I had mine ripped out of my hands by a dude when I was on the subway at 3:30pm on a Sunday (we had a tug-of-war but I lost, and he was a fast runner). Cops say it happens several times a day. Targets? iPhones, iPods, iPads… all Apple products. Bit of a headache now since the current possessor has been trying to reset the passwords on my accounts, so he’s bypassed my numerical passcode lock. The “Find my iPhone” OS update/release happened right after the phone was taken, so I’m SOL on that one. I’m taking WAY more physical and data precautions with this next iPhone.

  • Anonymous

    Unfortunately you’re one of the few “exceptions” to my comment. Sorry to hear about your misfortune.

  • nor a sheep

    That’s what you’re worried about? Mobile viruses? I’m a software developer.. rest assured a closed system is not what’s protecting anyone. It only generates more money for Apple.