Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
iPhone Passcode Flaw Already Addressed for Future Firmware Update?
- Thread starter MacRumors
- Start date
- Sort by reaction score
I just did it but MY setting for hitting Home Button twice is set to iPod, but the option is for Favorites. If anyone is that scared then set you Home Button option to iPod for the time being till the update! 
I agree with your point of sensationalism, but you realize that it's Engadget that is partnered with AOL-TimeWarner, not Gizmodo, right? They have no affiliation.
Gizmodo is a part of Gawker Media, though, and right now they are being sponsored by Verizon--who I am sure is proud to present iPhone flaws.
Are you serious? Gizmodo, along with Engadget are some of the most pro-Apple websites online. And you know why? Because it drives page views. Tons of Apple users flood their site and view the related articles. Gizmodo has tons of sponsors. I'm pretty sure I've seen Mac vs PC ads on there before. And microsoft. They don't care a whole lot about the content they publish with regard to how it relates to sponsors. I'm sure it's in the agreements they've made. Besides, Gizmodo never turns downan oppurtunity to rip a company a new one. But overall they are pro Apple, especially Jesus Diaz's posts. He is in love with his iPhone.
Because these sites make money by posting links to each other and getting their click counts and ad views up. That's why this is on page 1.
Welcome to MacRumors, and the internet.
Hehe. Just a while ago I wrote here in the forums that i cannot understand why Apple don't encrypt the iPhone's storage and everybody told me that that was unnecessary since the passcode alone protects the data well enough.
And now that it has been revealed that the passcode doesn't protect anything, it turns out that it is not a big deal, since a passcode wouldn't stop anyone anyway.
I vote for on-disk encryption again. Why didn't Apple include that feature?
Fancy. I have my home button set for ipod though. That way I was able to replace the ipod icon on the iphone dock with settings. It doesn't matter though, I don't use the password. -_-
i had passcode on iphone, when update to 2.02 it crashes and was on recovery. click recover and failed. called apple told me to create new user name in windows xp, launch itunes, plug my iphone in and it download 2.02 software. when all done my phone was like brand new, no passcode, life time usage was reset to 0.
wow, the comments on this thread can't be more stupid. maybe it's all the 13 year olds who get their phone paid by daddy and who don't have privacy concerns because they don't work and spend their time on myspace
a lot of people need to leave their phone in their office while on a meeting, in a different work place, a laboratory or so. also you need to give your phone to security if you want to enter a company sometimes. in those cases it's not that the colleagues or security is going to professionally hack your phone. but if it's that easy they might just sniff around your contacts and e-mails. who want's that?
there are many examples where others get access to your phone (without you being stupid) and where light security is enough to prevent people seeing your privat and corporate mail/contacts. the passcode is for those situations.
so stop making stupid remarks like "we don't need a passcode anyway because a pro can hack it" or "your dumb for letting others use your phone!!11!!!".
a lot of people need to leave their phone in their office while on a meeting, in a different work place, a laboratory or so. also you need to give your phone to security if you want to enter a company sometimes. in those cases it's not that the colleagues or security is going to professionally hack your phone. but if it's that easy they might just sniff around your contacts and e-mails. who want's that?
there are many examples where others get access to your phone (without you being stupid) and where light security is enough to prevent people seeing your privat and corporate mail/contacts. the passcode is for those situations.
so stop making stupid remarks like "we don't need a passcode anyway because a pro can hack it" or "your dumb for letting others use your phone!!11!!!".
why would I email apple ???
This fix depends on you running a jailbroken iPhone with ssh,neither of which is supported by apple to begin with. It's not a bug or exploit. It's a hack based
on being able to access the underlying os via ssh.
Exactly i could care less that someone got pass the passcode. Because I could gaurantee you that they are not going to be like "oh i could'nt figure out the code so heres your phone back"
go to school
People gotta stop stealing from other people man. Go to school man. Get an education man. Quit stealin my sh*t man.
People gotta stop stealing from other people man. Go to school man. Get an education man. Quit stealin my sh*t man.
agreed
also, if passcode is on and call is received the phone bypasses passcode and after call user has access to phone
also, if passcode is on and call is received the phone bypasses passcode and after call user has access to phone
How does a billionaire like Steve that uses the phone all the time with sensitive information on it not realize a flaw like this?
Cool! I was able to surf on Safari and check google map as well even though I didn't put my passcode. Interesting....
MacRumors->Gizmodo->MacRumors?
Am I correct in understanding that we are all commenting on a MacRumors post that references a Gizmodo post, which in turn references a MacRumors forum posting as its original source?
Just want to make sure I'm getting this right.
Am I correct in understanding that we are all commenting on a MacRumors post that references a Gizmodo post, which in turn references a MacRumors forum posting as its original source?
Just want to make sure I'm getting this right.
The passcode can be easily bypassed without this technique, simply by deleting the com.apple.SpringBoard.plist file from the phone. This can be done with a custom firmware package, such as the ones you can build with Pwnage. Details for both 1.x and 2.x passcode cracks have been available to law enforcement for quite some time, and are published in my new book iPhone Forensics
As an Amazon Associate, MacRumors earns a commission from qualifying purchases made through links in this post.
I wonder why Mac Rumors didn't reference the original post directly like it ususally does.
I'm sold on it-don't know how CPU intensive it would be for that thing's chip, but I'd guess not too bad.
wow, the comments on this thread can't be more stupid. maybe it's all the 13 year olds who get their phone paid by daddy and who don't have privacy concerns because they don't work and spend their time on myspace
a lot of people need to leave their phone in their office while on a meeting, in a different work place, a laboratory or so. also you need to give your phone to security if you want to enter a company sometimes. in those cases it's not that the colleagues or security is going to professionally hack your phone. but if it's that easy they might just sniff around your contacts and e-mails. who want's that...
so stop making stupid remarks like "we don't need a passcode anyway because a pro can hack it" or "your dumb for letting others use your phone!!11!!!".
Nooo kidding, to pick on this one...
I don't care if I get the phone back. I mean that would be nice, but the phone is worth infinitesimally less than the data on the phone. Hopefully if it's properly encrypted with real, strong encryption, they'll just give up and wipe the phone, so all you're out is $600 or whatever for the phone itself.
OMG!OMG!
If "hackers" have access to my computer, they can reset root and have at all the information on it.
If "hackers" have access to my wallet, they can steal credit card numbers and cash
If "hackers" have access to my phone...well, hopefully, you get the point.
Physical access to any device/computer/wallet is a bad thing. A passcode (even if it did work) won't deter anyone with ill intent.
If "hackers" have access to my computer, they can reset root and have at all the information on it.
If "hackers" have access to my wallet, they can steal credit card numbers and cash
If "hackers" have access to my phone...well, hopefully, you get the point.
Physical access to any device/computer/wallet is a bad thing. A passcode (even if it did work) won't deter anyone with ill intent.