October 25, 2010
Another week, another security problem. One week after Apple repaired a security hole in the new FaceTime for Mac application, comes word that the iPhone has a security bug too. It allows users to make phone calls even if the device is locked. According to Macstories, this occurs on iPhones using iOS 4.1:
With a combination of sleep button and a fake emergency call, it is possible to access the phone’s contact list and regular keypad even if the device is locked.According to reports, when your iPhone is locked, you have the option of making an emergency call or unlocking it with your password. If you choose the former and type in a random number to dial, you will gain access to your iPhone's list of contacts. This assumes you hit your sleep button when you see the red call button appear. From there you (or someone else) can see all contact information, and can make calls to any of them, all without unlocking the device. We were able to duplicate this behavior on our phones.
Needless to say, this can cause major problems, especially if you've lost your iPhone. Surely, some sort of bug fix is upcoming. However for the time being, please be aware of this potential problem.