iOS 4.1 Bug Lets you Bypass Lock Screen

[harman03]

Folks at MacRumors Forums have found a major security flaw in iOS 4.1 which allows you to bypass the lock screen of any iPhone and gain access to the phone features of the device. It works by hitting the emergency call button and dialing a random number. When you do that and hit call, you quickly switch off the phone and switch it back on. Once this is done, the calling section of the phone is available.
Steps to reproduce the bug on a password protected iPhone are as follows:

• Make sure your iPhone is protected by a passcode lock.
• Now from the lockscreen, tap on “Emergency Call” button and enter any number ###.
• Now tap the Call button and then immediately hit the lock (Power) button on top and you should now see all your contacts.
• Now simply select any number to make the phone call.

When you are in the calling section you can browse around contacts, recent calls, favorites etc… and can make calls to any number. What you cannot do is switch your phone off when in this menu. To do this, you need to make a call and then hang up and switch off and back on to get back to the regular lock screen.
Apple has been reportedly notified about this issue. They are most likely going to patch it in the upcoming final release of iOS 4.2.


[ame=https://www.youtube.com/watch?v=hq8Dok2Th2s&feature=player_embedded]YouTube - iOS 4.1 Security Issue - Bypassing the Lock Screen to Make Calls