If an attacker gains physical access to a system, one can usually do very little to keep that device locked down. Apple seems to make things extra-easy for attackers with the new iPhone 3G, though. A member of the Mac Rumors forums has uncovered a major flaw that allows malicious users to gain access to certain passcode-protected iPhones. The forum member has helpfully detailed the steps needed to reproduce the issue, too:
Set iPhone to use passcode lock, have contacts marked as Favorites with links, phone numbers, addresses, etc in address book entry.
Tap "Emergency Call" keypad from passcode entry screen.
Double-tap home button.
Tap blue arrow next to contact's name. You now have full access to applications such as Safari, complete Contacts list, SMS, Maps, "full" Phone access, and Mail by accessing various entries on the Favorite's page, i.e. tapping their home page brings up a full, unrestricted Safari.
Gizmodo explains the flaw in more detail in this blog post, while a Reuters report has brought coverage of the problem to major news sites. Reuters contacted an Apple spokeswoman for more information, and she revealed that Apple knows about the issue and is working on a fix. Until that fix comes out, she says users can circumvent the flaw by configuring their iPhones so the "Home" button opens up the music collection rather than the "Favorites" menu.
|AMD drops prices on the Radeon RX 460 and RX 470||31|
|Reports: Radeon RX 470D is a budget Polaris card for China||6|
|Examining reports of slow write speeds on the 32GB iPhone 7||22|
|Cellular Insights dissects iPhone 7 Plus modem performance||11|
|Deals of the week: scads of high-performance storage and more||8|
|Tobii's Eye Tracker 4C knows where your head is||1|
|GeForce driver 375.57 is prepared for Titanfall 2||7|
|Phanteks Eclipse P400 gets a tempered glass option||0|
|Radeon 16.10.2 drivers add support for October's big games||10|
|A real "console monitor" would be 720p @ 30 Hz ;P||+58|