Major Security Hole Discovered in the iPhone

By Michael Santo
Editor-in-Chief, RealTechNews

For you CEOs and Enterprise users: hold on before saying the iPhone is perfect for business. A major security hole has been found in the iPhone, and though most will say “so what,” corporations who want Enterprise devices would say “whoa!”

A forum post detailed the ease with which you can get past the password lock. Assuming the phone is locked:

• Slide to unlock
• Tap emergency call
• Double tap the home button

You are now in your Favorites. But that’s not all, since you now also have access to your Address Book, the dial keypad, and your voice mail (unless you password protect that, which many do not).

Now, some will say, big deal, they can see your Contacts. Well, for an supposedly Enterprise-ready device, this would be a big deal. Corporations generally don’t want the contacts on their phones available for anyone to see (Paris Hilton sure doesn’t, if you remember that famous incident) and for most, this would be a deal-breaker.

But there’s more bad news.

• Tap on the blue arrows next to the names to get a look at the full info in a Favorite.
• Tap an email address in a contact to gain access to Mail.
• Tap an URL in your address book and get full access to Safari.
• Tap “Send Text Message” to gain access to all your SMSes.

Basically the phone is nearly totally unlocked. As I said, for most people: not an issue. For the Enterprise: a big issue.

There is a workaround: remap the Home button. To do this:

1. Go to Settings.
2. Click on General.
3. Click on Home Button.
4. Remap the button.

Suggestions have been to remap it to either “Home” or “iPod,” as then the double-click of the Home button will take you back to the unlock screen or the iPod screen.

Expect a 2.0.3 update soon, or at least expect this to be fixed in 2.1 (with that 3G fix, I hope!).