+ Reply
Page 1 of 2 12 LastLast
Results 1 to 20 of 37

Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.


Thread: Did Apple clear out all the security flaws with 2.1? Nope, they didn't...

is a discussion within the

iPhone News

forums, a part of the

General iPhone

section;
Remember the major security threat introduced with 2.0.2 which allowed anyone to access all the major phone application even if you had a passcode ? Apple said that they fixed
...
  1. #1
    Former MMi Staff Writer sayam's Avatar
    Join Date
    Jul 2008
    Location
    Ludhiana, Punjab, India
    Posts
    804
    Thanks
    34
    Thanked 464 Times in 104 Posts

    Exclamation Did Apple clear out all the security flaws with 2.1? Nope, they didn't...
    Remember the major security threat introduced with 2.0.2 which allowed anyone to access all the major phone application even if you had a passcode?

    Apple said that they fixed the security. But, actually security not completely fixed. Another major bug still exists (one that has been around forever). The Emergency Call mode in passcode screen which is just meant to call emergency numbers like 911 can actually be used to call any number!



    This is a big flaw as anyone can make a call and make you pay a big bill if somehow he/ she gets the phone! This means that iPhone Passcode is a big failure as anyone can access the main feature of iPhone really easily even if you think you have secured it.

    You can reproduce the bug as follows:
    • Set a passcode lock.
    • Lock the phone and slide to unlock.
    • Click on the Emergency call button and dial any number of your choice.
    Though, apple can fix it by just an update, I think the better way is to add a setting to lock each app with a different code even if you are on the main screen. This feature could also be great in the sense that we can protect all our personal stuff (like messages, videos ).

    We think Apple would adopt the first method but Steve, please think about the second one too!

    [MacRumors iPhone Blog]
    Attached Thumbnails Attached Thumbnails Did Apple clear out all the security flaws with 2.1? Nope, they didn't...-img_0001.png  
    Last edited by sayam; 09-20-2008 at 08:30 AM.

  2. The Following User Says Thank You to sayam For This Useful Post:

    enjoi4586 (09-23-2008)

  3. #2
    Livin the iPhone Life 461am's Avatar
    Join Date
    Aug 2008
    Location
    Houston, TX
    Posts
    1,241
    Thanks
    28
    Thanked 183 Times in 159 Posts

    this was present in older firmwares. Dating back to 1.1.4 I think.

    or at least if memory serves correctly. Someone with a 1.1.4 phone check.
    Last edited by 461am; 09-23-2008 at 01:29 AM. Reason: Automerged Doublepost

  4. #3
    Green Apple bewie's Avatar
    Join Date
    Jul 2008
    Location
    In your nightmares o.o
    Posts
    37
    Thanks
    3
    Thanked 0 Times in 0 Posts

    I wonder if this can be done without a SIM card... Probably not though.

  5. #4
    Green Apple
    Join Date
    Sep 2007
    Posts
    33
    Thanks
    5
    Thanked 1 Time in 1 Post
    This existed on the very FIRST firmware ever released... its been a bug that never really was addressed

  6. #5
    Super Moderator dale1v's Avatar
    Join Date
    Sep 2007
    Location
    London, UK
    Posts
    3,786
    Thanks
    335
    Thanked 394 Times in 268 Posts

    lol that fails, hard.
    [RIGHT][LEFT][IMG]http://lookpic.com/i/470/QsIbAobp.jpeg[/IMG]
    [/LEFT][QUOTE]Microsoft owns the internet through Hotmail. The .HTML is short for Hotmail, so all .HTML files are MS files.[/QUOTE][URL="http://twitter.com/dale1v"][SIZE=2][COLOR=Cyan][I]twitter.com/dale1v[/I][/COLOR][/SIZE][/URL]
    [/RIGHT]

  7. #6
    Former MMi Staff Writer sayam's Avatar
    Join Date
    Jul 2008
    Location
    Ludhiana, Punjab, India
    Posts
    804
    Thanks
    34
    Thanked 464 Times in 104 Posts

    if you read the post clearly, everywhere i say that it has not been cleared out. i have nowhere mentioned that it was introduced with 2.1

  8. #7
    Livin the iPhone Life 461am's Avatar
    Join Date
    Aug 2008
    Location
    Houston, TX
    Posts
    1,241
    Thanks
    28
    Thanked 183 Times in 159 Posts

    sorry. You're right, I didn't read it properly.

  9. #8
    Previously Known as A.T MetallicaFan1991's Avatar
    Join Date
    Apr 2008
    Location
    Manchester, UK
    Posts
    1,582
    Thanks
    188
    Thanked 111 Times in 94 Posts

    Old news! We need new news.
    Well maybe not everyone saw this on iClarified a week ago.

    MBP 15" 2.66Ghz Core 2 Duo Nvidia 9400M 9600GT 256MB OS X 10.6.4 Windows 7 June 2009
    iPhone 4 August 28th

  10. #9
    Former MMi Staff Writer sayam's Avatar
    Join Date
    Jul 2008
    Location
    Ludhiana, Punjab, India
    Posts
    804
    Thanks
    34
    Thanked 464 Times in 104 Posts

    i posted it 4 days ago but it got approved today

  11. #10
    What's Jailbreak?
    Join Date
    Sep 2008
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Well, it will complicated to allow just preset emergency numbers to be dialed - as each country as its own, and some have more than one.

    I don't know if it is mandatory for any phone to be able to dial an emergency number (all my cell phones allowed it - even if they were password locked)

    But if Apple someday "locks" it I just wonder how long it will be until someone tries to sue them because they *had* to make an emergency call from an iPhone and were unable to.

  12. #11
    Green Apple mooritexxx's Avatar
    Join Date
    Jan 2008
    Posts
    60
    Thanks
    10
    Thanked 1 Time in 1 Post
    and how exactly is this done?

  13. #12
    Green Apple
    Join Date
    Mar 2008
    Posts
    43
    Thanks
    0
    Thanked 1 Time in 1 Post
    Well this flaw was helpful to me :P Had the phone blocked recently during the 2.1 update, but atleast I could call my girlfriend up and tell her that my phone was down, lol.

    Anyways, if someone does end up stealing your phone, can't they just do a custom restore and use the phone?? Whats the point of the security lock...

    I don't care if they access my personal info, if the phone is stolen...the thief should not be able to use my phone!! LOL.

    They should have the security passcode popping up during restore :P

  14. #13
    iPhone? More like MyPhone
    Join Date
    Oct 2007
    Posts
    202
    Thanks
    1
    Thanked 26 Times in 15 Posts

    i really like this since when i get in trouble , real trouble i dont have time to slide and enter passcode open phone and dial
    i just slide emergency call dial and voilaaaaa!!! i hope they dont remoe this bug

  15. #14
    What's Jailbreak?
    Join Date
    May 2008
    Location
    Down Under
    Posts
    3
    Thanks
    1
    Thanked 1 Time in 1 Post
    Yeah this has been around for a while now, I actually find it quite useful sometime you need to call someone in a hurry and entering the pass-code just takes more time doing via the emergency button really helps. Somehow I doubt that apple has done this by accident I think it's there on purpose. Either way for those security conscious maybe that should let you have the option of disabling it but if you iPhone gets stolen call your carrier and block it most insurance ( at least in australia covers you for that stuff) besides how much worth of calls can someone really knock up on your phone in the time it takes you to call your carrier

    Just my 2cents

  16. The Following User Says Thank You to king_mohamed02 For This Useful Post:

    enjoi4586 (09-23-2008)

  17. #15
    Green Apple ThinkTank's Avatar
    Join Date
    Mar 2008
    Posts
    79
    Thanks
    1
    Thanked 4 Times in 4 Posts

    really.... For AT&T you have boat load of minutes anyways so why care.
    A missing phone for me is an excuse to finally get the Tmobile G phone that my wife won't let me buy,

  18. #16
    What's Jailbreak?
    Join Date
    Oct 2007
    Posts
    17
    Thanks
    1
    Thanked 0 Times in 0 Posts

    even tho i lose my iphone people around here wouldnt know how to get pass the passcode. only people that know is the people that come to this site. so no worries for me.

  19. #17
    Green Apple
    Join Date
    Mar 2008
    Posts
    72
    Thanks
    7
    Thanked 2 Times in 2 Posts

    not nearly as big a deal as people being able to get your personal info

  20. #18
    iPhone? More like MyPhone
    Join Date
    Jul 2008
    Location
    Dallas, TX
    Posts
    195
    Thanks
    36
    Thanked 115 Times in 30 Posts

    Honestly, I don't think this is a 'bug' at all. There are a LOT of numbers you could be calling in an emergency. Think about it, what makes 911 the only legitimate number to dial for emergency anyways? If you're stranded on the highway and need to call your wife to come pick you up, is that not an emergency? The phone saying 'Emergency Call' just means that it is for calls that need to be made urgently, without spending the time to unlock the phone first.

  21. #19
    My iPhone is a Part of Me
    Join Date
    Nov 2007
    Location
    Los Angeles
    Posts
    813
    Thanks
    417
    Thanked 108 Times in 80 Posts

    Quote Originally Posted by 461am View Post
    sorry. You're right, I didn't read it properly.

    no one ever does.
    but they still post!

    Quote Originally Posted by A.T View Post
    Old news! We need new news.
    Well maybe not everyone saw this on iClarified a week ago.

    well then why didnt you post it?
    too greedy to share or too lazy?

    Quote Originally Posted by WillyDavidK View Post
    Honestly, I don't think this is a 'bug' at all. There are a LOT of numbers you could be calling in an emergency. Think about it, what makes 911 the only legitimate number to dial for emergency anyways? If you're stranded on the highway and need to call your wife to come pick you up, is that not an emergency? The phone saying 'Emergency Call' just means that it is for calls that need to be made urgently, without spending the time to unlock the phone first.

    excellent point. maybe thats apples thinking.
    Last edited by tattoojack; 09-23-2008 at 11:20 AM. Reason: Automerged Doublepost

  22. #20
    What's Jailbreak?
    Join Date
    Mar 2008
    Posts
    6
    Thanks
    10
    Thanked 0 Times in 0 Posts

    Quote Originally Posted by WillyDavidK View Post
    Honestly, I don't think this is a 'bug' at all. There are a LOT of numbers you could be calling in an emergency. Think about it, what makes 911 the only legitimate number to dial for emergency anyways? If you're stranded on the highway and need to call your wife to come pick you up, is that not an emergency? The phone saying 'Emergency Call' just means that it is for calls that need to be made urgently, without spending the time to unlock the phone first.
    I'm pretty sure most other phones allow 2 or 3 pre-set "emergency numbers". I remember setting my parents and a couple of friends as those contacts. Then, in "emergency mode" whether its passcode-locked (as on my previous smart phones), or after dialing 911 on non-smart phones, only those pre-set numbers could be dialed.

    That feature (among others) is missing from the iPhone.
    If it was done on purpose, what's the point of the passcode?

Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts