{"id":168,"date":"2008-08-27T23:38:14","date_gmt":"2008-08-28T07:38:14","guid":{"rendered":"http:\/\/perivision.wordpress.com\/?p=250"},"modified":"2008-08-27T23:38:14","modified_gmt":"2008-08-28T07:38:14","slug":"iphone-security-hole-and-how-to-fix-it","status":"publish","type":"post","link":"https:\/\/www.perivision.net\/wordpress\/2008\/08\/iphone-security-hole-and-how-to-fix-it\/","title":{"rendered":"iphone security hole and how to fix it."},"content":{"rendered":"

I heard about this today at a iphone meet up and now its on digg.\u00a0 I’ve already fixed the hole on my phone and I recommend everyone else do it too.\u00a0\u00a0 The following text is from this article<\/a>.<\/p>\n

There’s a huge security problem in the latest iPhone 2.0.2: if you have your JesusPhone password protected, using a very simple trick gives anyone full access to your cellphone private information in Mail, SMS, Contacts, and even Safari. The two-step trick is even simpler to the one used in the past to gain access to the phone to install unlocking cards<\/a> or jailbreak. Fortunately, there’s a way to avoid this obvious security breach until Apple fixes it.<\/p>\n

First, password protect your phone and lock it. Then slide to unlock and do this:<\/p>\n

1. Tap emergency call.
\n2. Double tap the home button.<\/p>\n

Done. You are now in your favorites. This seems like a feature, because you may want to have emergency number in your favorites for quick dial. The security problem here is double. The first: anyone picking up your phone can make a call to anyone<\/em> in your favorites. On top of that, this also opens access to your full Address Book, the dial keypad, and your voice mail.<\/p>\n

If that wasn’t bad enough, the second one is even worse: if you tap on the blue arrows<\/em> next to the names, it will give you full access to the private information in a favorite entry. And it goes downhill from there:<\/p>\n

\u2022 If you click in a mail address, it will give you full access to the Mail application. All your mail will be exposed.
\n\u2022 If there’s a URL in your contact (or in a mail message) you can click on it and have full access to Safari.
\n\u2022 If you click on send text message in a contact, it will give you full access to all your SMS.<\/p>\n

Hopefully, this major security break that fully exposes your most private information will be solved as soon as possible. Until then, you can avoid any potential breach doing the following:<\/p>\n

1. In the iPhone home, go to Settings.
\n2. Click on General.
\n3. Click on Home Button.
\n4. Click on either “Home” or “iPod”.<\/p>\n

This way, the double-click on the home button will take the user back to the unlock screen (if you use “Home”) or the iPod screen. I recommend using Home. You will lose the ability to quickly access your favorites for a quick call\u2014which is one of my favorite features\u2014but that’s better than having all your private mails, contacts, and SMS database compromised. UPDATE: Evidently Apple has a fix coming in their next firmware update, but we’ve got no word on when that release is planned. [Tip from Mac Rumors forums member<\/a>]\n

Related Posts<\/H3>