Security Flaw In iOS 4.1 Gives Access To iPhone Contacts, Make Calls, Send Emails, MMS Even With Passcode Lock

melinda gates

Some members of Macrumors forums have discovered a security flaw in iOS 4.1.

The security flaw allows someone to get access to the iPhone Contacts and also send an email or MMS even with passcode protection using a combination of a sleep button and fake emergency call even if it is locked with a passcode.

MacStories explains how the bug can be reproduced:

To reproduce the bug, make sure to have a passcode lock turned on and lock your device. In the lockscreen, tap on Emergency Call in the lower left corner. Now type a non-existent emergency number, I tried #946494. Start the call, and as soon as the red button appear hit the sleep button. You’ll be brought to the contact list.

I also noticed that while in this “forced Phone.app mode” you can’t go back to the homescreen but you can invoke the multitasking tray, even if tapping on apps won’t work. I was able to make SBSettings (jailbreak required) appear, but it didn’t work either. To return to the lockscreen from this forced mode, start a new call and end it. As @abrahamvegh also points out, trying to force quit the phone app will open Voice Control. It looks like you won’t be granted full access to the device through this flaw, but you’ll be able to make phone calls and access contacts nonetheless.

MacStories also reports that using the security flaw someone can also send emails and MMS:

the Field Test application won’t start either in the “protected mode”, but you’ll be able to gain email access. Tap on a contact, then “share contact” and boom – you can send an email. As you can guess, email access exposes all your configured email address and contacts. MMS sharing works as well.

MacMagazine (Brazil) has published a video, which shows how the bug can be reproduced:

We were able to reproduce the bug. The security flaw has already been reported to Apple so lets hope that it is fixed in iOS 4.2, which is expected to be released in November.

Let us know if you are able to reproduce the bug.

Update:

Apple has acknowledged the security flaw and will be fixing it in iOS 4.2

[MacMagazine via MacStories]

  • Yalin

    tried it..took me to called list…apple should be busy with its shitty ios rather than playing cat and mouse between dev team…i am so glad that didnt buy an iphone 4 and will never any iphone shitty…

  • Joe

    So, let me get this straight…you tried this, so you have an iPhone. So, why stalk an iPhone website (you're on iPhonehacks.com) and write posts hating on iPhone. if you don't like it, sell your iPhone on Craigslist and find a different site.

  • Dustin

    Ok you Have serious issues or something. Apple is only trying to protect themselves. Let me tell you something. If Apple really REALLY wanted to keep jailbreakers at bay, they could. Jailbreaking is what makes the iPhone so awesome, but in order to keep in agreements with the telephone companys they have to at least appear to make efforts to try and keep their playform secure. This is not such a bad security hole, just a programming error. Instead of making this public, they should have told Apple in private.

  • http://aol.com who cares

    apple cant do shit about J B

  • Najim

    hi, it worked for me also on the 4.0!!!

  • Najim

    on the iphone 3GS!!!!

  • Long time listener, first time caller.

    Ask Sony how well stopping the hacker scene worked for them.

  • LastBorn

    Stupidity, that's what I call this!!! The perpetrator (hacker) needs to have your iphone physically in their possession to do this.

    What's the use of hacking somebody else iphone (actually stealing) just to sent e-mail/mms or make a call? Just re-jb the phone, and you have a backup phone!!!

  • Jc

    It wont work on my iphone 4

  • clrj

    get a life

  • Gerard

    Im glad I never leave my phone unattended when outside of my home. I just tried this hack…it works. No special set of numbers needed; all that needs to be done is dial any one number or character in emergency call mode press the call button then quickly press the power button then the phone screen opens. I was not able to get to my email or text message like others reported.

  • Rocky

    Hmm this also worked for me on an iPhone running iOS 4.1

    Not too, too worried about this but its a bug that should definitely be addressed.

  • Symph

    Not too worried either…, someone has to physically have the phone and 99% of the people i know arent computer literate. lol

  • http://www.microsoft.com Bill Gates

    apple likes the jailbreak because without jailbreak they will not sell to many iphones all over the world so apple wants money and thats why they keep doing the iOS unsecure because they want money……how bout the ipad why they couldnt do a ios specially for the ipad and not being the same as iphone ios so.. apple will not quit being such an aas hole and a stupid comnpany..but later in those years.. apple wil go down and their iphone will be not as famous as their are right now.. so keep buyig iphone or wait until the iphone can be unfamous….the other way they could be unfamous its that the dev team could quit or any hacker for iphones, if they quit the iphone will not be famous and other phone will be the famous….trust me i have seen this already and apple wil fall at some point in the near future………………

  • Kay

    iPhoneHack, Does it relates to this one?

    I found these 3 hidden unrecognized apps. I only see the apps if I open Spoof or iFile. The apps were hidden and it doesn't show on screen.

    1. AdSheet–is for collecting passwords
    2. TrustMe– is for collecting Account numbers
    3. WebSheet– is for collecting Contacts

  • Skyline_V35

    I had those randomly appear on my SB from time to time when I was on 4.0 Now that I'm on 4.1 they never show up anymore. IDK what they were.

  • http://www.facebook.com/pages/Cupertino-CA/Jailbreak-your-iPhone/127927303897872 PATRICIO_NY

    If an update is released and you update, your jailbreak will be tethered unless @comex creates new magical kernel patches or you downgrade.

  • Alex

    can also view the photoalbum through share contact, mms, add photo from roll and bam theres all the photos.

  • Angelnas

    Tried on iPhone 4 version 4.1 didn't work the red button doesn't stay on long to hit sleep button, its a quick flash of the button (that's if you see it, it's that fast) and resets back to emergency screen. My phone is not jailbroken, used to be but I reset it back to original a couple if months back.

  • iDuckie

    I concur, the bug is also in 4.0-4.0.2 as well. This goes for all iPhone.

  • common

    what so private about a contact list? i personal dont care if someone sees my contact list, it just names.

  • Tom

    I was not quick enough the first time but when I came back on the phone I was in contacts but when I locked I was in safari lol

  • Steven Murphy

    Worked for me.

  • Elim

    wow, tried it and it works. must be a big boo-boo. hope they can clear this flaw asap.

  • Yalin

    Are you the barister of apple and this site?do you guys have to defend anything?you guys are really funny…

  • http://www.zerogrc.com JBD

    WTF are you talking about???? Some people are some dumb… bet you run in the liquor store and leave your car running?? O but hold on ONLY a jacker can take your car… not a normal person?

  • iPhone & PSP owner

    you can ask sony also how doing nothing to stop PSP scene worked for them…

  • iPhone & PSP owner

    It works in my iPhone 4 with 4.1… very easy to reproduce…

  • pretaj

    I don't know why this is such a big deal. If someone stole a phone other than Iphone or Android based device, they'd have the same access to the same info. This is completely overblown as you pretty much have to have your phone STOLEN from you in order for the person to make use of this hack.

  • iPhone & PSP owner

    Oh, I forgot. MS has sold 41.7M Xbox360 since Nov'05. Sony 38.1M PS3 since seven months later… So, I don't really get the point on your comment…

  • AC

    Loser

  • Gerard

    I told my one of my coworkers about the flaw. He inturn told me about another flaw that allows anyone in possesion of your phone to make calls. All you have to do is hold the home button to activate voice control verbalize the number and the phone dials it.

  • Kay

    Yes it doesn't show using SBSetting but it shows using Poof or iFile /var/stash/applications. I also have iOs 4.1.

  • http://me.com me

    that one can be turned off easily tho through settings (voicedial), but yeah i guess you are right.

  • Fearless

    IT'S OK..LOL..Android is having the SAME issue..lol..So it's NOT JUST…APPLE OR SONY. But I agree How many people actually Look@ Youtube JUST TO SEE…if they can steal someones iphone? LMAO..Most of them can't even SYNC..their contacts too their itunes account..SO..either way..it doesn't bother me..cause I never leave my iphone unattended.

  • Now what

    Sorry but you are a moron to actually believe what you just typed. @Clrg and AC you are the ones who need to get a life.
    I love my iPhone and my MacBook pro but it doesn't mean they have no flaws like some of you boneheads makes it sound. Yes the website is for apple news but remember news can be good and bad. Tired of all y'all retard kids blowing yourself and typing shyt.

    Yes

  • Yalin

    hahaahahahaahaha :) funny guys..thats why i like this site!!!!

  • John

    How secure do idiots expect their phone to be? This is a non issue. If anyone leaves an iphone unattended, guarantee that it'll be gone soon after.

    The new user can just wipe the iphone and set it up as a new one. Very simple. No one cares about your contact info, and if you were a high class assassin or drug dealer, you wouldn't be on an iphone in the first place.

  • http://profile.typepad.com/goddardabel Abel Goddard

    It may be a flaw, but I'd be less concerned with keeping my contact info safe than with keeping my PHONE in my possession.

    And, if any of my contacts are going to fall victim to a scam, the method of contact is the least of their problems.

  • Lastborn

    ru 1 of em? Think, why go to the hassle when you can just re-jb the phone? maybe you would go that hassle just to call your mom, or e-mail ur bf!!!

  • LastBorn

    that is exacly my point!

  • XOXO

    You are in this site cause u wish u had an iphone :D Looser! ha!

  • svi

    I could use a phone with better security than this. Any recommendations?

  • http://gadgetfolio.com Alonso

    What a bug on iOS 4.1
    Anyway, i don't use passcode, bcos i hold the phone whenever i go, so doesn't bother me much.

  • xoxo
  • Sorin

    The flaw is present in 4.0.2 too!!!!!!!!!

  • http://profile.typepad.com/goddardabel Abel Goddard

    Exactly – I even got rid of the lockscreen, much less the passcode.