iPhone security flaw bypasses pass codes, gives access to contacts list

iPhone security flaw bypasses pass codes, gives access to contacts list
The following is by no means a cause for alarm, but a security flaw in iOS has just been discovered. In a nutshell, it allows for an attacker to bypass an iPhone's pass code and obtain access to its contacts list, list of recent calls, favorite contacts, and even make a call on the targeted device.

The reason why this should not be much of a concern, however, is that the exploit is a bit tricky to pull off. First of all, the attacker needs to have physical access to the targeted iPhone and to know its number. The iPhone's number is dialed and then rejected so that a missed call notification gets displayed on the smartphone's lock screen. Then, the number needs to be called back from the victim iPhone, but its SIM card has to be ejected at a very specific moment. If done properly, the Phone app will show up even if the iPhone is protected with a pass code.

The folks that came across the flaw say that it works on iOS 5.0.1 and made a demonstration using an iPhone 4 running stock software. Perhaps, checking out the exploit being performed in the video is a good idea.

source: iPhoneislam (translated) via Gizmodo

 

Related phones

iPhone 4s
  • Display 3.5" 640 x 960 pixels
  • Camera 8 MP / 0.3 MP VGA front
  • Processor Apple A5, Dual-core, 800 MHz
  • Storage 64 GB

FEATURED VIDEO

15 Comments

1. remixfa

Posts: 14605; Member since: Dec 19, 2008

so.. easy answer.. dont borrow your phone. lol. but still. that needs to be fixed.

8. SuperAndroidEvo

Posts: 4888; Member since: Apr 15, 2011

I know, I hate when random people ask me to borrow my phone. Just last weekend some random woman asked me to use my phone to make a call. I thought to myself that I have no clue who you are or who you are calling so I decided not to let her use my phone. This day in age I you don't have a mobile phone then you don't make your calls. There are so many options like prepaid & whatever that there is no need to borrow perfect strangers phones. Also there is no perfect OS. Apple is just as vulnerable as any.

9. bigdawg23

Posts: 467; Member since: May 25, 2011

I am with you. I NEVER let anyone I don't know use my phone.

2. protozeloz

Posts: 5396; Member since: Sep 16, 2010

o noes.... phones have security holes! the end of the world /s now seriously this shouldn't be much of a big deal....

3. bloodline

Posts: 706; Member since: Dec 01, 2011

awful

4. andro.

Posts: 1999; Member since: Sep 16, 2011

Apparently Iphones use a rigid uncustomisable,closed off,no access and sterile system to ensure that there are no security breaches so any claims that apple or any other party is tracking and monitors ifans calls,phone numbers and locations and more simply can't be.

5. ivanko34

Posts: 617; Member since: Sep 04, 2011

Amen !

11. SleepingOz unregistered

Now, I get the real meaning of iFail.

6. gwhyte01

Posts: 44; Member since: Jul 09, 2008

Ohh look another iphone security flaw, whats that? the fourth one.Yet! its the best o.s.?? i beg to differ....windows phone ftw.

7. taz89

Posts: 2014; Member since: May 03, 2011

wait this cant be possible,apple dont have security issues lol

15. bayusuputra

Posts: 963; Member since: Feb 12, 2012

ouch, man.. i just love sarcasm.. lol..

10. tedkord

Posts: 17456; Member since: Jun 17, 2009

This isn't much of a security flaw, because of all the hoops you've gotta jump through. But, doesn't publishing it and showing how to do it make it worse? How many people who steal an iPhone would have figured this out? Now they've got a procedure manual.

12. Nick_T

Posts: 186; Member since: May 27, 2011

You may be correct, but consider the following: spreading the word gives another reason for people to be more alert when it comes to their smartphones, and creating awareness makes the chances of Apple actually fixing it much higher.

13. SlimSoulja86

Posts: 660; Member since: Nov 03, 2011

True that Nick_T. It's all about awareness. @ tebkord Why should they only keep talking about Android flaws not Apple's?

14. Pings

Posts: 304; Member since: Dec 19, 2008

Apple has had the worst security in the computer world for quite sometime now. You don't think so, Google pwn2own. Apple loses pwn2own all the time, in seconds in some cases. They have by far has the worst security in the computer world... Unstable apps and week security, I dunno... I wouldn't get one. This ain't only either I rember reading about a pwn2own where the iPhone sms database hacked in less than 20 seconds.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.