Word’s come out of a truly hideous iPhone Firmware 2.0.2 bug that allows any one who picks up your phone full access to your data… even if it’s password protected.
Here’s how it’s done. Access is gained through the “Emergency Call” option on the password entry screen. Now hit the Home button twice. You’re now at the favorites screen. Hit a blue arrow next to a contact’s name. Want access to email? Make to email them, then email someone else. Want to use Safari? Go to a contact’s web site, then just browse as normal. Easy. And totally stupid.
If you want to secure your iPhone before the obviously forthcoming point release fix, just assign your home button to something besides “Phone Favorites.”
But jeez, Apple. Another fuck up? This will not go over well with your business users. You’ve spread yourself way too thin.
Major Security Flaw in 2.0.2. [Mac Rumors via Cult of Mac]
Depends what you have your home button double-click set to… mine’s set to go the ipod, so this isn’t an issue for me at all.
Ok, all those who actually use the screen lock on their phone (brand doesn’t matter) raise your hand. Me, I just keep the ethereal silver thread between myself and my phone short…Bonus nerd points for understanding that reference.
I’ve tried using screen locks on multiple phones and always find the huge inconvenience far outweighing the possible impact the loss of my phone would cause.
(And I lock up my truly private data using “LockBox”. Sure, my e-mail would be annoying to have someone else peruse, but a simple p/w change and they can no longer get new e-mails…)
Hey, it’s a screw up, but it’s easy to fix. Besides, you couldn’t even lock my old phone, so it was always open to anyone.
#1: A) Until it’s fixed, companies can’t reasonably tell their clients that their proprietary data is secure B) a fuck up is a fuck up, and corporate customers will be leery of a company with a poor track record C) your last point isn’t even true. The old iPhone has always had a password lock feature. The fact is, some form of this flaw has existed for nearly a year. Hell, hackers used it to jailbreak back before the TIFF exploit was fixed.
Doomstalk: I said “my old phone”, not iPhone. My point was there are plenty of devices out there that don’t even offer a mediocum of this level of security, broken or not.
I’m with Claud9999; just don’t put that much on there to begin with.
In other news, leaving any sort of computing-style thingy that has secure info on it on the default settings is asking for it. No film at 11.