iPhone security flaw bypasses pass codes, gives access to contacts list

15comments
iPhone security flaw bypasses pass codes, gives access to contacts list
The following is by no means a cause for alarm, but a security flaw in iOS has just been discovered. In a nutshell, it allows for an attacker to bypass an iPhone's pass code and obtain access to its contacts list, list of recent calls, favorite contacts, and even make a call on the targeted device.

The reason why this should not be much of a concern, however, is that the exploit is a bit tricky to pull off. First of all, the attacker needs to have physical access to the targeted iPhone and to know its number. The iPhone's number is dialed and then rejected so that a missed call notification gets displayed on the smartphone's lock screen. Then, the number needs to be called back from the victim iPhone, but its SIM card has to be ejected at a very specific moment. If done properly, the Phone app will show up even if the iPhone is protected with a pass code.

The folks that came across the flaw say that it works on iOS 5.0.1 and made a demonstration using an iPhone 4 running stock software. Perhaps, checking out the exploit being performed in the video is a good idea.

source: iPhoneislam (translated) via Gizmodo

Video Thumbnail
 
Create a free account and join our vibrant community
Register to enjoy the full PhoneArena experience. Here’s what you get with your PhoneArena account:
  • Access members-only articles
  • Join community discussions
  • Share your own device reviews
  • Build your personal phone library
Register For Free

Recommended Stories

Loading Comments...
FCC OKs Cingular\'s purchase of AT&T Wireless