New iPhone firmware leads to huge security blunder
The new iPhone update may have fixed some of the problems that users have been complaining about, but it has left a big security problem.
The recent Apple iPhone firmware update has opened up a massive security hole, with its password protection easily bypassed by just a few taps on the touch screen.
With iPhone 2.0.2 you can access a password protected iPhone by tapping the Emergency Call' keypad from the passcode entry screen. Double-tap the home button and it is possible to get into your favourites.
From here it is possible to call anybody in your favourites list as well as opening up access to the full address book, the dial keypad and voicemail. Tapping the blue arrow next to a contact's name gives you full access to applications such as Mail, Safari, Contacts List, SMS and Maps.
The hole was discovered by users of an Apple news site, and was verified on video here.
The security flaw asks major questions about the iPhone's suitability as a business device. On the Macrumors discussion forum, a user called View' posted: "Sounds like someone at Apple is about to be yelled at or get fired. Nothing is perfect, but this is quite unacceptable."
"It's not a major problem for me since I don't really use that feature, but I'm sure that this shows the unreliability of the iPhone, especially for high-level agents that need to secure their information."
It is possible to prevent a breach from happening by going into Settings, clicking on General and clicking the Home' or iPod' button.
This will mean double clicking the Home button will take you back to the unlock or iPod screen. However, this will mean that you cannot access your favourites if you want to make a quick call.
Reuters has reported that Apple is aware of the problem, and was readying a software update to fix it.
What you need to know about migrating to SAP S/4HANA
Factors to assess how and when to begin migrationDownload now
Your enterprise cloud solutions guide
Infrastructure designed to meet your company's IT needs for next-generation cloud applicationsDownload now
Testing for compliance just became easier
How you can use technology to ensure compliance in your organisationDownload now
Best practices for implementing security awareness training
How to develop a security awareness programme that will actually change behaviourDownload now