Become a MacRumors Supporter for $25/year with no ads, private forums, and more!
  • Did you order new AirTags? We've opened a dedicated AirTags forum.

jordand321

macrumors member
Original poster
Apr 3, 2008
72
0
New Zealand
I think I just found a security flaw in ios 4.1.

When you iPhone is locked with a passcode tap Emergency Call, then enter a non-emergency number such as ###. Next tap the call button and immediately hit the lock button. It should open up the Phone app where you can see all your contacts, call any number, etc.

My iPhone is jailbroken so that could be causing it. Can anyone confirm that it works on non-jailbroken iPhones?
 

iluvifone

macrumors 6502
Jun 28, 2010
281
0
yep, flawed here, i4 with 4.0.1.. congratulations sir!

how in the heck did you find such a random combination of actions to test out? wow
 
Comment

Bernard SG

macrumors 65816
Jul 3, 2010
1,354
3
So now that the flaw is public, I believe it goes without asking that you have reported it to Apple?
;)
 
Comment

strodda

macrumors regular
Jul 29, 2010
231
0
holy crap.

awesome find. not that it matters to me personally... i never lock my phone.
 
Comment

strodda

macrumors regular
Jul 29, 2010
231
0
yep, flawed here, i4 with 4.0.1.. congratulations sir!

how in the heck did you find such a random combination of actions to test out? wow

i gotta assume he was bored and was trying to do it. kinda random to happen by coincidence.
 
Comment

strodda

macrumors regular
Jul 29, 2010
231
0
Works for me on my non-jb iPhone 4 running 4.1
Requires a reboot after though.

-Kristijan

it doesnt.

while in contacts, tap on a contact, make the phone call and hit 'end'. then the phone will go back to the lockscreen asking for a pw.
 
Comment

PNutts

macrumors 601
Jul 24, 2008
4,861
356
Pacific Northwest, US
Whilst in the phone app I held down the home button and entered voice control mode where I started a song. What other interesting things can we do?
 
Comment

SnowDX

macrumors 6502
Jun 30, 2010
384
35
The Great White North
Works on mine running 4.1, (not jailbroken). If I proceed with making a call, I also get 3 beeps before the call connects that I do not get if I go through the proper procedure of unlocking the phone.
 
Comment

iluvifone

macrumors 6502
Jun 28, 2010
281
0
Can anyone recommend any ways to get-around this security flaw until apple fixes it? such as addon's or something via cydia that will make you draw a pattern instead of inputting a number or w/e.. thanks!
 
Comment

forza69

macrumors 6502a
Jan 30, 2010
761
81
San Diego, CA
Can anyone recommend any ways to get-around this security flaw until apple fixes it? such as addon's or something via cydia that will make you draw a pattern instead of inputting a number or w/e.. thanks!

Chances are, whoever finds your phone won't be some iPhone expert. It's not that big of a deal. Though, you deserve it if you're careless enough to leave such an expensive piece of technology laying around. Either way, look for AndroidLock in Cydia.
 
Comment

scaredpoet

macrumors 604
Apr 6, 2007
6,627
342
Can anyone recommend any ways to get-around this security flaw until apple fixes it? such as addon's or something via cydia that will make you draw a pattern instead of inputting a number or w/e.. thanks!

Using a security flaw to get around a security flaw? Ironic, much?
 
Comment

rkmac

macrumors 6502
Jun 22, 2009
413
0
JAFA, New Zealand
Weird. I can't make mine do it. Every time I hit the lock button, the phone just shuts off.

Same here.

EDIT: just tried again and it worked this time... interesting flaw. I dont really care who sees my contacts tbh though.
EDIT 2: You have to pretty much press the call button and the lock button at the same time. And come to think of it, this leaves the phone open to be used to call other people...
 
Comment

chembox

macrumors 6502a
Feb 17, 2010
660
0
I think this is quite useful for lost iPhones. If you needed to email the owner or dial the owner's mom/dad/wife, you could easily do so. :D
 
Comment

kAoTiX

macrumors 6502
Oct 14, 2008
487
0
Midlands, UK
This is a good find so congrats to the OP.
I can confirm that it works as described, I'm jailbroken on 4.1 iPhone 4.

One thing I did notice being jailbroken is that after you enter the contacts screen, I can make SBSettings appear. I have it disabled on the lockscreen but obviously enabled in apps. You could possibly access apps through SBSettings from the dock. You could disable wifi/phone to stop a remote wipe through MobileMe.

Just considering worst case scenario, never assume stupidity, ignorance or non-malicious intent.
 
Comment

macdim

macrumors 6502
Oct 16, 2007
355
0
Canada
Confirmed that it does not work on my girlfriend's iPhone 3G on 3.1.3 but works on my 4.1 iPhone 4.
 
Comment
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.