Hold On To Your iPhones, Apple Says Fix On The Way
The error essentially would allow an unauthorized person to circumvent password protections if a user's iPhone is lost, stolen or accessed by someone other than the owner. The tech blog Gizmodo.com outlined earlier this week that by quickly pressing the home iPhone home button, an individual could get the device to default to the owner's "favorites," therefore exposing potentially private files and contact information. Gizmodo demonstrated that it took only three taps to successfully break into locked iPhones, which run the latest 2.02 iPhone software.
Security experts maintain that the iPhone vulnerability, which enables attackers to access personal files and contact lists, emphasizes the necessity for users to keep their mobile devices secure, particularly those containing sensitive information.
"Basically, this threat just underscores the need for hanging on to your smartphone when you might have "sensitive" information on it," said Paul Ferguson, advanced threat researcher for Trend Micro.
"It also underscores the threat of putting all your eggs in one basket, particularly a smartphone, [or] any small gadget, that can slip out your pocket while in public transportation," said Jamz Yaneza, research project manager for Trend Micro. "Unfortunately the sleek lines of this phone make that a high probability."
An Apple spokeswoman told Reuters that the company was working on a fix, which it planned to release during the next security patch update. The spokeswoman said that there was a workaround, which required that users set the iPhone's "Home" button to open up the phone's iPod music collection, as opposed to the the "Favorites" menu.
Since its release July 11, Apple's 3G iPhone has been plagued with a barrage of security bugs. Apple released a software update last week, which reportedly fixed multiple problems with its connectivity to faster 3G wireless networks.
Also last week, security blogger David Park highlighed on the blogspot Matter of Park another security glitch that allows an individual to take information from an iPhone and then reset the "auto lock" function to "lock" indefinitely every four hours -- before the password is required -- until all the data is lifted.
Meanwhile, Reuters reported that Apple hopes its iPhones will compete with standard issue BlackBerry smartphone devices at the corporate enterprise level, despite major security holes.
Apple did not immediately respond to inquiries from ChannelWeb.