New iPhone firmware leads to huge security blunder

The new iPhone update may have fixed some of the problems that users have been complaining about, but it has left a big security problem.

The recent Apple iPhone firmware update has opened up a massive security hole, with its password protection easily bypassed by just a few taps on the touch screen.

With iPhone 2.0.2 you can access a password protected iPhone by tapping the Emergency Call' keypad from the passcode entry screen. Double-tap the home button and it is possible to get into your favourites.

Advertisement - Article continues below

From here it is possible to call anybody in your favourites list as well as opening up access to the full address book, the dial keypad and voicemail. Tapping the blue arrow next to a contact's name gives you full access to applications such as Mail, Safari, Contacts List, SMS and Maps.

The hole was discovered by users of an Apple news site, and was verified on video here.

The security flaw asks major questions about the iPhone's suitability as a business device. On the Macrumors discussion forum, a user called View' posted: "Sounds like someone at Apple is about to be yelled at or get fired. Nothing is perfect, but this is quite unacceptable."

"It's not a major problem for me since I don't really use that feature, but I'm sure that this shows the unreliability of the iPhone, especially for high-level agents that need to secure their information."

Advertisement - Article continues below
Advertisement - Article continues below

It is possible to prevent a breach from happening by going into Settings, clicking on General and clicking the Home' or iPod' button.

This will mean double clicking the Home button will take you back to the unlock or iPod screen. However, this will mean that you cannot access your favourites if you want to make a quick call.

Reuters has reported that Apple is aware of the problem, and was readying a software update to fix it.



cyber security

Report: 16.5 million Britons fell victim to cyber crime in the past year

1 Apr 2020
Amazon Web Services (AWS)

AWS launches Amazon Detective for investigating security incidents

1 Apr 2020

UK government to launch coronavirus 'contact tracking' app

1 Apr 2020
video conferencing

Zoom admits meetings don't use end-to-end encryption

1 Apr 2020

Most Popular

cyber security

Elon Musk's SpaceX bans Zoom over security fears

2 Apr 2020
application programming interface (API)

Apple buys Dark Sky weather app and leaves Android users in the cold

1 Apr 2020
data management

Oracle cloud courses are free during coronavirus lockdown

31 Mar 2020