iOS 4.1 Security Issue - Bypassing the Lock Screen to Make Calls

Discussion in 'MacRumors.com News Discussion' started by jordand321, Oct 22, 2010.

  1. jordand321 macrumors member

    Joined:
    Apr 3, 2008
    Location:
    New Zealand
    #1
    I think I just found a security flaw in ios 4.1.

    When you iPhone is locked with a passcode tap Emergency Call, then enter a non-emergency number such as ###. Next tap the call button and immediately hit the lock button. It should open up the Phone app where you can see all your contacts, call any number, etc.

    My iPhone is jailbroken so that could be causing it. Can anyone confirm that it works on non-jailbroken iPhones?
     
  2. Runt888 macrumors 6502a

    Joined:
    Nov 17, 2008
  3. iluvifone macrumors 6502

    Joined:
    Jun 28, 2010
    #3
    yep, flawed here, i4 with 4.0.1.. congratulations sir!

    how in the heck did you find such a random combination of actions to test out? wow
     
  4. Bernard SG macrumors 65816

    Bernard SG

    Joined:
    Jul 3, 2010
    #4
    So now that the flaw is public, I believe it goes without asking that you have reported it to Apple?
    ;)
     
  5. strodda macrumors regular

    Joined:
    Jul 29, 2010
    #5
    holy crap.

    awesome find. not that it matters to me personally... i never lock my phone.
     
  6. strodda macrumors regular

    Joined:
    Jul 29, 2010
    #6
    i gotta assume he was bored and was trying to do it. kinda random to happen by coincidence.
     
  7. QuarterSwede macrumors G3

    QuarterSwede

    Joined:
    Oct 1, 2005
    Location:
    Colorado Springs, CO
    #7
    It also seems to lock you out from doing anything else, even putting it to sleep. I had to power mine off.

    I just did even if he didn't.
     
  8. Kristijan macrumors member

    Joined:
    Aug 5, 2007
    Location:
    Melbourne, Australia
    #8
    Works for me on my non-jb iPhone 4 running 4.1
    Requires a reboot after though.

    -Kristijan
     
  9. strodda macrumors regular

    Joined:
    Jul 29, 2010
    #9
    it doesnt.

    while in contacts, tap on a contact, make the phone call and hit 'end'. then the phone will go back to the lockscreen asking for a pw.
     
  10. Kristijan macrumors member

    Joined:
    Aug 5, 2007
    Location:
    Melbourne, Australia
    #10
    Cool, thanks.

    -Kristijan
     
  11. PNutts macrumors 601

    PNutts

    Joined:
    Jul 24, 2008
    Location:
    Pacific Northwest, US
    #11
    Whilst in the phone app I held down the home button and entered voice control mode where I started a song. What other interesting things can we do?
     
  12. SnowDX macrumors 6502

    Joined:
    Jun 30, 2010
    Location:
    The Great White North
    #12
    Works on mine running 4.1, (not jailbroken). If I proceed with making a call, I also get 3 beeps before the call connects that I do not get if I go through the proper procedure of unlocking the phone.
     
  13. iluvifone macrumors 6502

    Joined:
    Jun 28, 2010
    #13
    Can anyone recommend any ways to get-around this security flaw until apple fixes it? such as addon's or something via cydia that will make you draw a pattern instead of inputting a number or w/e.. thanks!
     
  14. forza69 macrumors 6502a

    forza69

    Joined:
    Jan 30, 2010
    Location:
    San Diego, CA
    #14
    Chances are, whoever finds your phone won't be some iPhone expert. It's not that big of a deal. Though, you deserve it if you're careless enough to leave such an expensive piece of technology laying around. Either way, look for AndroidLock in Cydia.
     
  15. jayducharme macrumors 68030

    jayducharme

    Joined:
    Jun 22, 2006
    Location:
    The thick of it
    #15
    Weird. I can't make mine do it. Every time I hit the lock button, the phone just shuts off.
     
  16. scaredpoet macrumors 604

    scaredpoet

    Joined:
    Apr 6, 2007
    #16
    Using a security flaw to get around a security flaw? Ironic, much?
     
  17. rkmac macrumors 6502

    rkmac

    Joined:
    Jun 22, 2009
    Location:
    JAFA, New Zealand
    #17
    Same here.

    EDIT: just tried again and it worked this time... interesting flaw. I dont really care who sees my contacts tbh though.
    EDIT 2: You have to pretty much press the call button and the lock button at the same time. And come to think of it, this leaves the phone open to be used to call other people...
     
  18. chembox macrumors 6502a

    Joined:
    Feb 17, 2010
    #18
    I think this is quite useful for lost iPhones. If you needed to email the owner or dial the owner's mom/dad/wife, you could easily do so. :D
     
  19. -Garry- macrumors 6502a

    -Garry-

    Joined:
    Oct 23, 2005
    Location:
    Manchester, UK
  20. Applejuiced macrumors Nehalem

    Applejuiced

    Joined:
    Apr 16, 2008
    Location:
    At the iPhone hacks section.
    #20
    Easy, dont let people play with your phone:)
     
  21. kAoTiX macrumors 6502

    kAoTiX

    Joined:
    Oct 14, 2008
    Location:
    Midlands, UK
    #21
    This is a good find so congrats to the OP.
    I can confirm that it works as described, I'm jailbroken on 4.1 iPhone 4.

    One thing I did notice being jailbroken is that after you enter the contacts screen, I can make SBSettings appear. I have it disabled on the lockscreen but obviously enabled in apps. You could possibly access apps through SBSettings from the dock. You could disable wifi/phone to stop a remote wipe through MobileMe.

    Just considering worst case scenario, never assume stupidity, ignorance or non-malicious intent.
     
  22. macdim macrumors 6502

    Joined:
    Oct 16, 2007
    Location:
    Canada
    #22
    Confirmed that it does not work on my girlfriend's iPhone 3G on 3.1.3 but works on my 4.1 iPhone 4.
     
  23. ivan300 macrumors member

    Joined:
    Aug 16, 2010
    #23
    i cant seem to do it, i tried like 20x. i4 4.1
     
  24. JD914 macrumors 6502a

    JD914

    Joined:
    Sep 24, 2007
    Location:
    Dutchess County NY
    #24
  25. davidhawkins123 macrumors regular

    Joined:
    Apr 21, 2010
    Location:
    England

Share This Page