Huge iPhone Security Flaw Bypasses Passcode Lock

Okay this is pretty serious. A newly discovered security flaw in iOS 4.1 allows you to bypass the Passcode lock on a jailbroken/non-jailbroken iPhone. I tested this myself and it worked on my iPhone 4 on iOS 4.1.

Here’s how the exploit works:

1. On the Passcode screen, go to emergency call.
2. Dial a fake number. I dialed #1337.
3. The moment you see the red “end call” bar press the sleep/wake button. You’ll need to perfect the 1-2 combo.
4. You will then be taken to the phone app, with full access to calling and contacts. You can share contacts and that will launch Mail. Mail contacts exposed too.

This is pretty serious as someone who bypasses your Passcode can cause serious damage through long distance calling and your contacts are wide open.

Apple will most likely release an iOS update I presume in the next 24-48 hours to address this.

Bug no iOS 4.1 from Salomão Filho on Vimeo.

Did the security flaw work on your iPhone?

[Macstories, MacMagazine]

P.S. Help support us and independent media here: Buy us a beer, Buy us a coffee, or use our Amazon link to shop.