Submitted by Bob Bhatnagar on
Your iPhone personal data is protected by the passcode lock screen at all times, right? Turns out that it's pretty simple to bypass the four-digit passcode to access the phone app revealing contacts, email information, recent calls and even visual voicemail. The process to circumvent the passcode lock revolves around the emergency call feature built into iPhones to allow 911 calls on a locked phone.
MacRumors forum user jordand321 announced the security flaw this weekend. The problem happens when the iPhone is locked but you enter the emergency call screen. Type any non-emergency number and touch the call button.
Immediately after dialing the non-emergency number from the emergency call screen (jordand321 used the digits ###) press the sleep button on top of the iPhone. The iPhone reverts to the phone app and Contacts, Recents, Favorites, Keypad and Voicemail are all accessible. This means that addresses and emails in your contact list can also be viewed by an unauthorized person.
The security hole was tested here with iPhone 3GS models running iOS 4.1 and worked like a charm. This latest security issue follows Safari browser security issues that were corrected this summer, as well as allegations that several prominent iPhone apps are improperly sending personal data back to company servers.
iPhone security has certainly improved, however with this latest gaping hole in the simple passcode lock feature, Apple could have some issues convincing enterprise users the platform is ready for prime time. This hasn't stopped many companies from adopting the iPhone as Apple is usually on the ball when it comes to issuing updates and bug fixes.