back to article iOS bug unlocks iPhones sans password

A recently discovered bug in Apple's iOS 4.1 allows users to make iPhone calls without first entering a passcode. The bug means there is no way to prevent unauthorized people from using the devices in the event they're lost or stolen. All that's required to unlock a phone is to press the Emergency Call button, enter a non- …


This topic is closed for new posts.
  1. XMAN

    That's not a bug, it's a feature

    Little features like this will continue to popup to break those 'Dont upgrade because it will break your jailbrake' warnings.

  2. Anonymous Coward


    A BIG FAT, HAIRY 600lb FAIL!


    I was on the brink of getting one too, think I'll wait or go have a look at what the competition are up to.

  3. Eddie Edwards

    Er ...

    Just hold down the menu button until it goes into voice mode then say "Call Fred" and it will call Fred without the passcode.

    Works on iOS 3 on my 3GS no problem. Maybe I should upgrade ...

  4. takuhii

    Stupid, but not that stupid

    OK so they can get into my contacts, and make bespoke calls, but that's all they can do, you still can't access the main body of the phone; i.e. Apps, Messaging and so on...

    I'm sure this will act as a gateway for another exploit though

    1. g e

      Ummmmmm OK

      Yeah those precious apps, not the 09xx £1.50/minute calls they made on YOUR sim to THEIR premium rate account.

      Least the Apps are safe, thank god.

  5. Jim Coleman


    Just tried this on my colleague's iPhone 4 and it works! Haha! He was pretty gobsmacked, I can tell you! :O) Pwned!

  6. Bobs4evr

    And you can take photos!

    It actually works! It's just the same as it was with the iPhone 3G. It lets you into the phone function but doesn't let you go anywhere else. It's as if they've pulled up an old piece of code and put it into iOS4. To add insult to injury, if you press the home screen and the lock/power button at the same time whilst it is in this state, it will take a 'picture', which actually turns out to be a screen shot of the screen you're currently looking at! the only way to get out of it and see the screenshot is to switch off, back on, and look at it in photos. Strange. Very strange.

    1. Anonymous Coward
      Anonymous Coward

      It's as if they've pulled up an old piece of code and put it into iOS4.

      Blimey! you mean they didn't start again from scratch?

    2. GrahamS

      Screenshot is not a bug

      Er yes, the screenshot function (pressing home and power) works throughout the iPhone. That's how you take screenshots. Not sure why you think that is a bug.

      1. Bobs4evr


        Yes, thank you, I've discovered that now, however, since the phone 'should be locked, one begs the questions why it should be so.

  7. max allan

    Serves you right for upgrading

    I'm still on 4.0 and my phone can't be frigged like this. "Upgrade", Pah!

  8. Anonymous Coward
    Anonymous Coward


    iWill now try it on my friends.

    1. Anonymous Coward

      re: iWill now try it on my friends.

      Your friends run on iOS? I didn't know Apple made gadgets of ,ahem, that nature. Still, good on ya for not being afraid to discuss your electric friends in public.

  9. Lockwood


    TRWTF is detailing in the article how to do it.

    TORWTF is "OK so they can get into my contacts, and make bespoke calls, but that's all they can do"

    You can do harm like that, making heavy breathing phone calls to "Boss" or "Work".

    It's stuff that can be explained away, but it will irritate "Boss" or "Work" for a while, which is not condusive to the phone owner's wellbeing at work

    TOORWTF is that the iPhone is infallible etc

    Bypassing security? There's an application for such things.

  10. Andre 4

    More than phone calls

    You can do more than phonecalls.

    Go into the contacts, and you can send an email by sharing a contact. You can send an MMS the same way. Once in the MMS app, click the camera and you can view all the photos on the phone, or use the camera.

    You can edit contacts, change ringtones.

    You can access the paste buffer and see what the last copy/cut/paste was.

    You can enter the user's voicemail (if they've saved their password). From there, listen to their messages, change their password, etc.

    Of course, you can view all the contacts, edit them, delete, add, and view recent calls.

    Pretty heavy-duty flaw if you ask me.

    1. Bobs4evr


      It's just incredible. The only stuff they don't protect, is the stuff you want to protect! Who cares about apps, it's access to all your information and giving a false sense of security!

      1. Michael C

        thank the FCC

        By FCC rule (and the same organization in many other nations), ALL phones must be capable of dialing an emergency number even from a locked state. Since 911 is not universal (not even across the entire USA let alone internationally), the ability to enter an alternate emergency number in emergency call mode, including that some 911 dispatches you might get connected to based on the home location of the phone may not be able to forward you to a LOCAL 911 branch when traveling, (or even just because your tower is across a county line) but can give you a direct number to dial instead. I've had this happen a few times.

        The only bug is from this screen you can get to contacts. That is an easy bug to fix (its been fixed already in a prev version). Unfortunate it came up again, but it took more than a month to find, and is only a security risk if someone you don't trust is in possession of a phone you don't know you have lost yet. This bug should be fixed inside 24 hours.

  11. flameresistant

    I can replicate it ...

    iPhone 4 running iOS 4.1 (8B117). Can't seem to get into anything else but the phone app though.

    That's not very good considering there was a similar vulnerability before now.

    Probably wouldn't be too much of an issue if your phone was in the UK when lost. One call to the phone company and they can disable it pretty quickly. Can take longer if you are roaming abroad though.

    I suspect an update will be quickly released to fix this.

  12. Pandy06269

    Data loss bug

    I used to have a HTC Magic running Android 1.5 which had a much worse "bug" than this, yet it was never mentioned.

    If you have an "unlock pattern" (similar to a pass code but you connect dots on the screen in a defined order instead of typing in numbers) - if you draw it incorrectly 3 times, it asks you for your Gmail details. Whatever details you put in (even correct - I logged in to Gmail on another phone to double-check) it renders the phone useless. You have to restore to factory settings, losing everything.

    As of Android 2.0 (2 major versions forward) Google still hadn't even acknowledged the problem.

    My point - all phones, and all OSs have bugs. You only hear about those in the iPhone because they're so popular. Don't refuse to buy an iPhone because of one minor bug.

    1. Steven Knox

      From a Security Standpoint

      The iPhone bug is actually significantly worse.

      The iPhone fails in allowing access to information and features without authorization.

      The HTC Magic in your case fails in not allowing access to information, even with authorization.

      From a security standpoint, the second failure is actually more desirable because it protects the data.

      If I had to make my purchasing decision based solely on those two "features", I'd pick the Magic. But I don't.

    2. JaitcH
      Jobs Horns

      "You only hear about those in the iPhone because ,,,"

      your leader Jobs thinks the sun shines out his a*se and he can walk on water.

      If Jobs wasn't such a supercilious phallic symbol and admitted that he and Apple actually made mistakes - like the yet unfixed Grip of Death, exploding batteries, etc. - we would cut him some slack.

      As it is he is just making himself a target.

  13. Tom 13

    If you think that's funny, you should see what they tell Zynga

    when you aren't looking.

This topic is closed for new posts.

Other stories you might like