Critical Security Hole in iOS 4 Lets You Make Calls From Locked iPhone [Video]

A new critical security hole has been found in iOS 4 that lets you make calls and access contact info from a passcode-protected iPhone. The security hole bypasses the iPhone's passcode lock without any hack.


How it works:

  • Lock your iPhone with a passcode
  • Tap Emergency Call
  • Enter a non-emergency number such as ###.
  • Next tap the call button and immediately hit the lock button.

It should open up the Phone app, where you can see all your contacts and recent call history, call any number, send emails, etc.

Watch the security flaw in action here.

I tried it on iPhone 4 4.1 and 3GS 4.0.1; yes, it works, and it's scary too. Apple has reportedly fixed the hole in iOS 4.2. via [9to5mac]

skyred October 26, 2010, 6:07 am

I managed to try only once or twice… after that it says emergency calls only…

skyred October 26, 2010, 6:17 am

apologies for double post.

skyred October 26, 2010, 6:07 am

I managed to try only once or twice… after that it says emergency calls only… tried on 3GS 4.01 though.

aakatbi October 26, 2010, 9:40 am

I need an iPhone 4 iOS 4.1 unlock, please help!!

indi October 26, 2010, 1:50 pm

Baseband 1.59 -> jailbreak with limera1n, then install ultrasn0w from Cydia to unlock

Baseband 2.10 -> wait…

PyBrick October 26, 2010, 10:02 am

Wasn’t there something like this with iOS 3.x? You’d think they would have solved these bugs with iOS 4.0+! Plus, a passcode can be cleared (along with sensitive/personal data, etc) with a complete restore, right? So a lost iPhone means hundreds of dollars gone even if you cancel your plan and the ‘thief’ doesn’t know about this security hole. It’s probably best to pay attention to where your iDevice is at all times.

sowat99 October 26, 2010, 11:56 am

Install Androidlock XT, it's far greater and safer.

PyBrick October 26, 2010, 12:12 pm

I second that, just be sure to remember your pattern!

taogenix October 26, 2010, 2:38 pm

Call the phone, answer it and go to the menu; you can uninstall Androidlock XT.
So I don't see the “greater and safer” point here.

sowat99 October 26, 2010, 3:12 pm

Then it would be common sense: if the thief calls your phone, the thief would be your friend because they know which number to call. If they can't ring the phone then they cannot access the menu.

The White Rider November 3, 2010, 2:38 pm

Ya, Common sense says that the thieves bring out the SIM, insert their own SIM and call his own number.

ryan November 11, 2010, 11:42 am

If you want, you can use a double lock with Android lock and the normal lock at the same time 🙂

indi October 26, 2010, 1:49 pm

hahhahahah I did it, such a funny and silly hole…

Liveordie October 28, 2010, 4:23 pm

I tried, it works. It's all about the timing.
