Security Hole or Minor Privacy Bug in iPhone’s Emergency Call Feature?

Privacy bug in iPhone's Emergency call feature

In iPhone fimrware 2.1, Apple had fixed the security flaw that was discovered in iPhone firmware 2.0.2 which allowed someone to access your data and certain iPhone apps even when you have the passcode lock feature turned on.

The blogosphere has been buzzing about another small security hole in the Emergency call feature that was discovered by a programmer, Karl Kraft’s 12-year-old son.

So lets see what’s the fuss about after the jump.

The security hole has been described and seen in the screen shot below:

If you are on iPhone’s Emergency call screen and you receive a text message, you will see the regular preview, showing the sender as well as part of the text message.

Privacy bug in iPhone's Emergency call feature

The problem is that even if you turn off "Show SMS Preview" (Settings -> General -> Passcode Lock -> Show SMS Preview), you still see the regular preview in the Emergency call screen, showing the sender as well as part of the text message instead of the generic "New Text Message" that is seen when iPhone’s screen is locked.

But I don’t think it is a security hole, it can be considered as a minor privacy bug which I am sure Apple will fix in future iPhone firmware but definitely not a security bug.

However, the fact that a 12 year-old figured this out is quite amazing. So well done to him.

What do you think?

[via Ars Technica]

Follow this blog


Top iPhone Hacks Categories:

iPhone Applications
Unlock iPhone
JailBreak iPhone
iPhone Tips & Tricks
iPhone Games
iPhone News 

Like this post? Share it!

  • PMB

    This also is the case when you recieve an sms from your operator before the phone has been activated.

    For example you put in your O2 PAYG sim card, and they send you a text with your balance, you can then see the main iphone home screen in the background even though the phone is not activated.

  • Dereck

    Maybe it's the way it should be? LOL…
    In reality, who will leave emergency screen on? Think about it, if you are really in emergency situation and await for resucue, it would be very helpful that you can view the text without enter the passcode?

  • Hassan

    Well thats a nice finding, at least we know when and where to keep an eye to protect our privacy.
    By the way there is another flaw, while on emergency screen you can also make calls by dialing a number of anyone you want to call.

  • Darwin

    When you on the emergency call screen, is it only to call 911? because my emergency calls any number I want.

    Does you phone does the same thing?

  • Ryan

    Yes, if passcode lock is enabled and you go to the emergency screen you can call absolutely any number! This makes the passcode lock feature completely pointless, as you can stop people seeing the internal programs etc on your iPhone, but they're free to make a call to anybody they want!

  • That just seems like a really bad bug.