A security flaw has been detected in the popular Apple iPhone that allows anyone to gain access to its phone function without the need to enter a passcode.
The flaw, which this website has attempted successfully but is not able to describe due to legal reasons, involves a user pressing a couple of on-screen buttons and then a physical button, allowing them to bypass the passcode required to gain access.
Using the method, this website has been able to make phone calls on a passcode-protected iPhone 4 with the latest software updates and also send emails of contact cards – all without entering the PIN. Photos can also be seen.
Advertisement: Story continues below This website also attempted the bypass on an iPhone 3GS, an earlier iPhone model, which dosn’t appear to have the flaw. Testing it on an iPhone 3G running the latest software, an even earlier model, did allow for the bypass.
Comment is being sought from Apple Australia.
Some websites have reported that the next software version, which is currently available to software developers as “iOS 4.2 beta”, blocks the method. It is due for release in November.
When it is released users will be able to “patch” their phone, meaning a user won’t be able to bypass security in this way.
Apple has not yet indicated whether it will fix this issue prior to releasing iOS 4.2. Companies like Microsoft for example will, if they deem appropriate, rush out software fixes relating to security instead of waiting for the next round of patching.