New iPhone firmware leads to huge security blunder

gallery

The recent Apple iPhone firmware update has opened up a massive security hole, with its password protection easily bypassed by just a few taps on the touch screen.

With iPhone 2.0.2 you can access a password protected iPhone by tapping the ‘Emergency Call’ keypad from the passcode entry screen. Double-tap the home button and it is possible to get into your favourites.

From here it is possible to call anybody in your favourites list as well as opening up access to the full address book, the dial keypad and voicemail. Tapping the blue arrow next to a contact's name gives you full access to applications such as Mail, Safari, Contacts List, SMS and Maps.

The hole was discovered by users of an Apple news site, and was verified on video here.

The security flaw asks major questions about the iPhone’s suitability as a business device. On the Macrumors discussion forum, a user called ‘View’ posted: “Sounds like someone at Apple is about to be yelled at or get fired. Nothing is perfect, but this is quite unacceptable.”

“It's not a major problem for me since I don't really use that feature, but I'm sure that this shows the unreliability of the iPhone, especially for high-level agents that need to secure their information.”

It is possible to prevent a breach from happening by going into Settings, clicking on General and clicking the ‘Home’ or ‘iPod’ button.

This will mean double clicking the Home button will take you back to the unlock or iPod screen. However, this will mean that you cannot access your favourites if you want to make a quick call.

Reuters has reported that Apple is aware of the problem, and was readying a software update to fix it.

Email to a friend

Print this page