iOS 4.1 Bug Allows Access to iPhone Contacts and Voicemails Despite Passcode Protection
The passcode bypass is performed by attempting to place an Emergency Call to a non-emergency number (such as "###") and quickly hitting the lock button on the top of the iPhone after placing the call. The iPhone immediately opens up to the Phone application, offering full access to contacts and other phone-related information.
It is unclear whether the issue exists in developer builds of iOS 4.2 currently being distributed by Apple, as some users have reported that they have been able to replicate it under iOS 4.2 while others claim that they can not. Complicating the assessment is a lack of information from these sources regarding which builds of iOS 4.2 they are running.
Update: Wired received a statement from an Apple spokeswoman, who noted that the bug will be fixed in iOS 4.2 next month.
An Apple spokeswoman contacted Wired.com with a response regarding the security flaw: "We're aware of this issue and we will deliver a fix to customers as part of the iOS 4.2 software update in November."