|
|||||||
 |
|
|
Thread Tools | Search this Thread | Display Modes |
Oct 22, 2010, 11:43 PM
|
#1 |
|
iOS 4.1 Security Issue - Bypassing the Lock Screen to Make Calls
I think I just found a security flaw in ios 4.1.
When you iPhone is locked with a passcode tap Emergency Call, then enter a non-emergency number such as ###. Next tap the call button and immediately hit the lock button. It should open up the Phone app where you can see all your contacts, call any number, etc. My iPhone is jailbroken so that could be causing it. Can anyone confirm that it works on non-jailbroken iPhones? |
|
|
0
|
|
Oct 23, 2010, 12:05 AM
|
#2 |
|
Does the same with mine, non-jailbroken.
|
|
|
|
0
|
|
Oct 23, 2010, 12:30 AM
|
#3 |
|
yep, flawed here, i4 with 4.0.1.. congratulations sir!
how in the heck did you find such a random combination of actions to test out? wow |
|
|
|
0
|
|
Oct 23, 2010, 12:35 AM
|
#4 |
|
So now that the flaw is public, I believe it goes without asking that you have reported it to Apple?
__________________
21" 2008 iMac, 13" MBP, 32Gb iPod Touch 4, 2002 eMac, iPod Touch 2 8GB, iPod Nano 1st gen, iPad 3 white 32 GB 3G, iPhone 5 16 GB. Uhmm... Fanboi! |
|
|
|
0
|
|
Oct 23, 2010, 01:06 AM
|
#5 |
|
holy crap.
awesome find. not that it matters to me personally... i never lock my phone. |
|
|
|
0
|
|
Oct 23, 2010, 01:07 AM
|
#6 | |
|
Quote:
|
||
|
|
0
|
|
Oct 23, 2010, 01:13 AM
|
#7 | |
|
It also seems to lock you out from doing anything else, even putting it to sleep. I had to power mine off.
Quote:
__________________
Help stop children from viewing internet pornography. "Next to the Word of God, the noble art of music is the greatest treasure in the world." -- Martin Luther Last edited by QuarterSwede; Oct 23, 2010 at 01:22 AM. |
||
|
|
0
|
|
Oct 23, 2010, 01:25 AM
|
#8 |
|
Works for me on my non-jb iPhone 4 running 4.1
Requires a reboot after though. -Kristijan |
|
|
|
0
|
|
Oct 23, 2010, 01:39 AM
|
#9 | |
|
Quote:
while in contacts, tap on a contact, make the phone call and hit 'end'. then the phone will go back to the lockscreen asking for a pw. |
||
|
|
0
|
|
Oct 23, 2010, 01:40 AM
|
#10 | |
|
Quote:
-Kristijan |
||
|
|
0
|
|
Oct 23, 2010, 09:59 AM
|
#11 |
|
Whilst in the phone app I held down the home button and entered voice control mode where I started a song. What other interesting things can we do?
|
|
|
|
0
|
|
Oct 23, 2010, 10:25 AM
|
#12 |
|
Works on mine running 4.1, (not jailbroken). If I proceed with making a call, I also get 3 beeps before the call connects that I do not get if I go through the proper procedure of unlocking the phone.
|
|
|
|
0
|
|
Oct 23, 2010, 06:10 PM
|
#13 |
|
Can anyone recommend any ways to get-around this security flaw until apple fixes it? such as addon's or something via cydia that will make you draw a pattern instead of inputting a number or w/e.. thanks!
|
|
|
|
0
|
|
Oct 23, 2010, 06:28 PM
|
#14 | |
|
Quote:
__________________
15 inch Macbook Pro with Retina Display / 3rd Generation Apple TV / 5th Generation Airport Extreme / 32GB White iPhone 4S |
||
|
|
0
|
|
Oct 23, 2010, 07:22 PM
|
#15 |
|
Weird. I can't make mine do it. Every time I hit the lock button, the phone just shuts off.
|
|
|
|
0
|
|
Oct 23, 2010, 07:44 PM
|
#16 | |
|
Quote:
__________________
If you're not a clairvoyant, then you shouldn't be speaking for a dead guy. The Apple "QC cycle," explained. Slow data, fewer bars? No, you don't have a bad SIM. |
||
|
|
0
|
|
Oct 23, 2010, 07:52 PM
|
#17 | |
|
Quote:
EDIT: just tried again and it worked this time... interesting flaw. I dont really care who sees my contacts tbh though. EDIT 2: You have to pretty much press the call button and the lock button at the same time. And come to think of it, this leaves the phone open to be used to call other people... |
||
|
|
0
|
|
Oct 23, 2010, 08:22 PM
|
#18 |
|
I think this is quite useful for lost iPhones. If you needed to email the owner or dial the owner's mom/dad/wife, you could easily do so.
|
|
|
|
0
|
|
Oct 23, 2010, 08:30 PM
|
#19 |
|
Reported to Apple.
|
|
|
|
0
|
|
Oct 23, 2010, 10:31 PM
|
#20 | |
|
Quote:
|
||
|
|
0
|
|
Oct 25, 2010, 05:06 AM
|
#21 |
|
This is a good find so congrats to the OP.
I can confirm that it works as described, I'm jailbroken on 4.1 iPhone 4. One thing I did notice being jailbroken is that after you enter the contacts screen, I can make SBSettings appear. I have it disabled on the lockscreen but obviously enabled in apps. You could possibly access apps through SBSettings from the dock. You could disable wifi/phone to stop a remote wipe through MobileMe. Just considering worst case scenario, never assume stupidity, ignorance or non-malicious intent.
__________________
Contact me for iPad/iPhone/iPod parts & repairs in the UK (West Midlands) Google Nexus One  iPhone 4 32GB Black Macbook Pro 17" 500GB HDD & 2GB RAM
|
|
|
|
0
|
|
Oct 25, 2010, 02:23 PM
|
#22 |
|
Confirmed that it does not work on my girlfriend's iPhone 3G on 3.1.3 but works on my 4.1 iPhone 4.
|
|
|
|
0
|
|
Oct 25, 2010, 04:17 PM
|
#23 |
|
i cant seem to do it, i tried like 20x. i4 4.1
|
|
|
|
0
|
|
Oct 25, 2010, 05:11 PM
|
#24 |
|
iOS 4.1 Security Issue - Bypassing the Lock Screen to Make Calls
Last edited by JD914; Oct 25, 2010 at 05:26 PM. |
|
|
|
0
|
|
Oct 25, 2010, 05:18 PM
|
#25 |
|
just saw this on 9 to 5 mac
__________________
Game Centre ID : davidhawkins iPhone 4, iPhone 3GS, iPod touch, Mac Mini |
|
|
|
0
|
|
|
«
Previous Thread
|
Next Thread
»
| Thread Tools | Search this Thread |
| Display Modes | |
Linear Mode
|
|
Similar Threads
|
||||
| thread | Thread Starter | Forum | Replies | Last Post |
| App Brings the iOS Lock Screen to Your Mac | Vcxz | Mac Applications and Mac App Store | 4 | Sep 21, 2011 09:19 AM |
| iOS 4.2: What Do YOU Prefer the Hardware Switch to be, Rotation Lock or Mute? | whocaresit | iPad | 97 | Jan 13, 2011 06:10 AM |
All times are GMT -5. The time now is 02:29 AM.
