Neat Trick, Blow Friends' Minds: Access Contacts, Make Calls from a *Locked* iPhone...

[Doc]

I just tried this. It works.

http://www.macnn.com/articles/10/10/25/i...e.devices/

Passcode-protected iPhones typically block most actions unless a person picks Emergency Call and dials a genuine emergency number, such as 911. Circumventing this on the iPhone 4 can be done by entering a non-emergency number from the Emergency screen, tapping Call, then immediately hitting the lock button. The action brings up the Phone app, where people can then access a contact list or manually dial any number.

[testcase]

Interesting.

[Doc]

...and you can edit contacts, change favorites, poke through call logs, listen to voicemail, change the voicemail greeting... Everything that can ordinarily be done in the Phone.app.

Need I tell you that this is a pretty %^&*!-ing huge security hole.

Allegedly, the hole is patched in the upcoming 4.2 update.

[Gilbert]

Doc wrote:
...and you can edit contacts, change favorites, poke through call logs, listen to voicemail, change the voicemail greeting... Everything that can ordinarily be done in the Phone.app.

Need I tell you that this is a pretty %^&*!-ing huge security hole.

Allegedly, the hole is patched in the upcoming 4.2 update.

I don't have access to the beta iOS releases but according to Engadget the current 4.2 beta has not addressed this issue.

"Update: Feel free to hold down the menu button to access voice control and play some locally-stored tunes while you're at it. And if you've got 4.2 beta like some of our staffers do, this "trick" should work just the same."

http://www.engadget.com/2010/10/25/ios-4...phone-app/

[Doc]

Gilbert wrote:
I don't have access to the beta iOS releases but according to Engadget the current 4.2 beta has not addressed this issue.

Nah. They're using an old beta. Both the original MacRumors thread and John Gruber agree that B3 doesn't have the bug.

http://daringfireball.net/

Oddly, or at least coincidentally, it seems to be fixed in iOS 4.2 beta 3 — I can’t reproduce this on my iPhone with 4.2b3 installed, but can on another iPhone with 4.1. Also odd is how similar the exploit is to this one from two years ago — which was also discovered by a MacRumors forum poster. You’d think Apple would have given iOS’s emergency-call-while-locked code a more thorough audit — the thing only has two non-volume hardware buttons, and both of them have now been found to allow the lock screen to be bypassed.

[Gilbert]

Doc wrote:
Nah. They're using an old beta. Both the original MacRumors thread and John Gruber agree that B3 doesn't have the bug.

Ah, good to know. Thanks Doc.