iPhone security flaw bypasses pass codes, gives access to contacts list
The following is by no means a cause for alarm, but a security flaw in iOS has just been discovered. In a nutshell, it allows for an attacker to bypass an iPhone's pass code and obtain access to its contacts list, list of recent calls, favorite contacts, and even make a call on the targeted device.
The reason why this should not be much of a concern, however, is that the exploit is a bit tricky to pull off. First of all, the attacker needs to have physical access to the targeted iPhone and to know its number. The iPhone's number is dialed and then rejected so that a missed call notification gets displayed on the smartphone's lock screen. Then, the number needs to be called back from the victim iPhone, but its SIM card has to be ejected at a very specific moment. If done properly, the Phone app will show up even if the iPhone is protected with a pass code.
The folks that came across the flaw say that it works on iOS 5.0.1 and made a demonstration using an iPhone 4 running stock software. Perhaps, checking out the exploit being performed in the video is a good idea.