Lockscreen Bug May Lead to iOS 4.1.1

[Paul Daniel Ash]

[ame]http://vimeo.com/16179929[/ame]


A recently discovered lockscreen glitch may force Apple to push out a firmware upgrade ahead of the arrival of iOS 4.2 next month. [UPDATE: Apparently not, an Apple spokeswoman told Wired.com that “We’re aware of this issue and we will deliver a fix to customers as part of the iOS 4.2 software update in November.”] The bug - which allows anyone to do things like make calls, send SMS messages and access the photo library on a locked phone - appears to affect phones running 4.0.1 and 4.1, jailbroken and non-jailbroken.

This appears to be a nuisance issue only; your friend can use it to annoy you, and if your phone is stolen you have bigger problems than people making calls to your contacts. The way it works is completely straightforward: you press "Emergency Call" from the lockscreen and then enter a nonsense sequence of digits/symbols like ###. Once the phone starts dialing, you immediately press the lock button and you're dropped into the Phone app, with access to call history and contacts. Additionally, if you go to an entry in your address book choose to share a contact via MMS, by tapping the camera icon you can go into the photo library.

The flaw recalls a similar bug back in iPhone OS 2.0.2 which allowed you to jump from the Emergency Call screen directly to the Favorites screen of the Phone app by double-tapping the Home button. Email addresses in Favorite contacts then gave access to the Mail app, exposing all your messages.

As usual, the only way around this built-in security hole is to jailbreak your phone. My Typophone 4 lockscreen doesn't have an Emergency Call button, nor do other lockscreen replacements like Android Lock.

Source: [ame=http://forums.macrumors.com/showthread.php?t=1035879]MacRumors[/ame]

[tudtran]

That is crazy

[5h4d0w]

I had something weird happen to me yesterday at the lock screen... I would unlock the iPod, and the screen would smudge out and random symbols would flood the screen until I clicked on an app... Happened three times. Not really related to the story, though, except that it's a new Lockscreen bug (but this one may be caused by the Jailbreak).

[Funked]

It's a security hole, I don't think it should of been 'released' by the person who found it. Now every major iPhone blog, website, forum etc has wrote about this. And at that, it's described (in detail) on how to preform the bug. This just makes it easier for anyone who has found/stole an iPhone to abuse it. Just my thoughts on it...

[hotrod54chevy]

Um, I thought they said this problem didn't appear in 4.2 beta so Apple's already fixed it...?

[Happy Noodle Boy]

It's already fixed in 4.2

[Ichwohneinloche]

gimme one minute and will test it with 4.2 3rd beta



yep doesnt work. They wont release an update with the 4.2 release right around the corner is my bet.

[wolverinemarky]

yep i have this bug too, yea i wouldnt expect a minor update ahead of 4.2

[mvhurlburt]

My guess is that this was an intentional hidden “feature”… Maybe “easteregg” is a better word for it! I highly doubt this was a security flaw considering the sequence of events required to make it happen. Whatever engineer decided to leave this little goody will more than likely be on jobs’ **** list though. As a side note it’s kinda odd that I could only make it happen 3 or 4 times but after that no dice! Kinda weird...

Hmm the odd thing is when I tried this last night it only worked a few times as indicated above. Since then the passcode lock has been disabled. I just re-enabled it and yes it does do it again. Strangely it also allows access to safari through multifl0w but does not allow the end user to perform any functions in safari.

[PhoneLine]

Its fixed in 4.2 beta so Apple probably already knew about it. Now that its public its more of an issue and maybe they will release a 4.1.1 for this and the alarm clock issue.

They may just still wait for 4.2 as this is less severe a bug, and thats due soon anyway. The pdf exploit was a big deal as any site could exploit it. Simply fix here is hold onto your phone, is someone does not has access to the actual phone, this is no issue. So, in that aspect its less severe of an issue where I think they will be pressured to release a fast fix.

[chibgr]

hopping 4.2 will be out soon so can unlock =D stuck on 4.1 zzzzzz

[dsg]

is this iPhone 4 only because I can't recreate it on my 3Gs

[LamboFan]

Hmmmn interesting...it sucks!

[jabij1]

4.2 come out already! When in november will it most likely be available? I know there's no definite answer, just looking for some thoughts..

[GENERATI0N]

you can also access voice control which lets you in IPod

[qucina]

is this iPhone 4 only because I can't recreate it on my 3Gs

works in iphone 3gs i just did it.

[Shanteeman]

Got it to work once, but as I was trying to navigate around, it pushed me out and back to the lock screen...iPhone 4 4.01...weird

[Zeal]

Big deal.. ooo you can see my contacts and my numbers.. ooo... so scary.............................

smh

[madczech]

This reminds me of the good old jailbreakme.com times and I don't mean the on from 4.0

[CynicalDriver]

Tested this out and got some interesting results:

I have i4 & iOS4.1
I could get to the phone app, but could not get it to switch to texting, thus no access to photos. There is a different way to access the photos though, which I will not detail in the interest of not helping abusers. They can probably figure it out tho.

The writer's suggested fix (TypoPhone) also did NOT stop this exploit. I will disable all my other theme elements and try it again. Update in a few min.

Update: Nope, does not get rid of emergency call button.