A bug in iOS 5.0.1 can let a rogue person, in possession of your passcode protected iPhone 4 or iPhone 4S with voice dialing deactivated, make FaceTime calls and view certain fields of your contacts from the lock screen.
The hack, which was discovered by Canadian tech writer Ade Barkah, exploits the Emergency Dialer accessible via the lockscreen to accomplish this task.
You could reproduce this bug on your passcode protected iPhone with voice dialing disabled following these steps:
- “Slide to unlock” on the lockscreen, and instead of entering the passcode, hit the “Emergency Call” button to get the emergency dialer.
- Now long press the home button to bring up Voice Control and try to FaceTime with any of your contacts.
- The call goes through, and you’ll be able to FaceTime with a person from your locked phone.
Even if a person in your contact list doesn’t have FaceTime set up, you can see the contact’s image on the screen.
Although the same process could be replicated for voice calling a person, the voice call doesn’t actually go through, but it could be used to reveal other information as explained below.
The loophole could be used to see certain details of a contact by a hit and trial method. For instance, you have two entries for a contact named “Bob,” and you tell Voice Control to “Call Bob,” it would present the full names of both Bobs. Similarly if a contact has two phone numbers, with one of the phone numbers filed under a custom field, Voice Control would present both these fields (not the number), which could potentially leak private information.
This isn’t a very serious flaw, though. For starters the phone would need to be connected to a Wi-Fi network. If it is, the person in possession of your phone would need to have some knowledge of your address book. And since the problem is only with Voice Control and not Siri, majority of iPhone 4S users won’t be affected. (Only when Siri is disabled, does Voice Control show up.)
It is a bug nonetheless, and Apple would most likely fix this in the upcoming iOS 5.1 update.
Ade has, in the past, discovered similar bugs which make information that should ideally be private, accessible via the lock screen.
Does this sound like a security threat to you?