Secret Button Sequence Bypasses iPhone Security (wired.com)
106 points by georgecmu on Oct 26, 2010 | hide | past | favorite | 51 comments



(Note: this is a pretty technical post.)

The iPhone's passcode is pretty superficial. Only the UI code actually enforces it, and this is one of the results of that distinction. In fact, when you unlock, you are still viewing the same process as you were before it was unlocked. It just called the "_unlockWithSound" method and set an internal state to unlocked.

Edit: as pointed out to me on IRC by comex (author of JailbreakMe), there is lower level protection in the "lockdownd" service, but since the UI controls that, it doesn't really provide any additional security (except that it blocks iTunes syncing and such).

However, with this "hack", you are still locked, so you can't do anything like opening apps (again, the UI process locks opening apps, as part of their "security"). But, I did some experimentation, and here's what I found for impact:

  - You can read and edit contacts, of course.
  - I am not sure if phone calls work, but they didn't appear to.
  - While clicking an email address does nothing, clicking "send contact" lets you send an email to whoever you want, custom address and all.
  - You can view all the photos by pressing "add photo" on a contact you edit. You can also take new ones, which are saved there.
  - You can send SMS and MMS using the same method as for email, but selecting MMS.
  - You /cannot/ enter Safari or go to the homescreen, unless someone finds another similar "hack" to exit the app, as then you could see the icons (but, as the "is locked" flag is still "true", it won't let you launch apps).
  - FaceTime doesn't seem possible.

This is a serious issue, and with the publicity it already has, I would only expect Apple to fix it (with a 4.1.1 firmware release, of course, I don't expect them to care about their iPhone 2G owners back on 3.1.3) within two weeks. However, if they want to fix this, they need to redesign the workings of the lock screen. The current way it works is incredibly simple to circumvent.

Finally, on an unrelated note, the same exploits used in the jailbreak tools like "greenpois0n" and "PwnageTool" can be used to get around the passcode and get full filesystem access, or just remove it altogether. But you do need a computer for that, which you don't with this.
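The design flaw this comment describes, a lock flag kept only in the UI process so that feature paths like Share Contact never consult it, can be modelled next to the fix of enforcing the lock in the service that performs the action. This is an added example, not code from the thread or from iOS; every class and method name in it is invented.

```python
# Added example (not from the thread, not iOS code; all names invented):
# a lock flag kept only in the UI layer, beside the fix of enforcing it
# in the service that performs the action.

class MailService:
    def __init__(self, device, enforce_lock):
        self.device = device
        self.enforce_lock = enforce_lock  # True = hardened design
        self.sent = []

    def compose(self, to, body):
        # Hardened design: the service checks the lock itself, so it does
        # not matter which UI path reached it.
        if self.enforce_lock and self.device.locked:
            return False
        self.sent.append((to, body))
        return True


class Device:
    def __init__(self, passcode="1234", enforce_in_service=False):
        self.locked = True               # the UI's "is locked" flag
        self.passcode = passcode
        self.contacts = {"Alice": "555-0100"}  # constructed sample data
        self.mail = MailService(self, enforce_in_service)

    def unlock(self, code):
        # In the original design this UI method is the only passcode check.
        if code == self.passcode:
            self.locked = False
        return not self.locked

    def open_app(self, name):
        # UI-layer gate: launching apps consults the flag...
        if self.locked:
            return None
        return f"{name} launched"

    def share_contact(self, name, to):
        # ...but the Share Contact path never does, so with UI-only
        # enforcement mail goes out while the device is still locked.
        return self.mail.compose(to, f"{name}: {self.contacts[name]}")


def demo(enforce_in_service):
    """Return (app_launched, mail_sent_while_locked) for one design."""
    d = Device(enforce_in_service=enforce_in_service)
    return (d.open_app("Safari") is not None,
            d.share_contact("Alice", "someone@example.invalid"))
```

Running `demo(False)` reproduces the thread's observation (apps blocked, mail still sent); `demo(True)` shows the same request refused once the service owns the check.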


Does this really qualify as pretty technical ? It's not exactly the guts of Haskell or Clojure or something like that.


I think it's a fair assertion. It's not especially necessary for the HN crowd since we're largely technical folks, but not everyone here does software, right? It does assume a little familiarity with some abstract software knowledge.


I've seen some stuff come by here that was essentially Swahili to me that carried no such warnings :)


"Compared to you, most people seem dumb" :)


I'm new here, but my reasoning was that it seemed a lot more technical than what else was being posted in that comment thread. Most of that seemed to be "is this a big deal?", not "why does this work?". I'm still learning, so is that kind of "disclaimer" something to avoid?


I don't think anyone's going to honestly yell at you for disclaimers if you feel you need them, but I think it's safe to assume that the folks here know how to use Google and Wikipedia and are fairly smart.

So long as you're not talking about something extremely esoteric relative to the sort of stuff that shows up here on a regular basis. I would feel comfortable referring to the Sieve of Eratosthenes in an offhand manner. Anyone on HN can probably look at the Wikipedia page and figure out what's going on.

If I refer to Negishi coupling, on the other hand, I should probably try to explain what they are and it might be prudent to provide a disclaimer that I'm going into esoteric O-chem stuff.

Cool?


Thanks!


Thanks for the overview. I know what I'm doing on the train to work this morning!


Contacts can have URLs, does clicking one of those open Safari?


Nope, the button does nothing.


Reminded me of Epic Windows 98 Logon: http://i.imgur.com/JPxql.gif


It's actually worse than the article suggests; from the phone app, you can get to Mail and SMS (Share Contact); from SMS, you can get to the phone's camera roll; I'd be surprised if URL expansion didn't get you to Safari via Mail or SMS.

On the other hand, it's not like the keypad lock was Fort Knox. I don't even bother with it normally.


I bother with the keyboard lock to stop people grabbing my phone and tweeting "HA HA I SUCK BALLS!" before I notice what they're doing.

It works really well for this purpose, but I wouldn't trust it to do much more.


Just tried it, tapping URLs, email addresses, and physical addresses in the contact list doesn't do anything for me.


You can, however, use the "share contact" button to evade that.


I don't agree that it's worse. I think it's mild. Call it a local-only data-exposing exploit.

I find it best to keep the phone in my pocket. It also stops people from stealing it - a more common occurrence than hacking contacts.


This reminds me a little of jwz's comments on xscreensaver + toolkits: http://www.jwz.org/xscreensaver/toolkits.html

Although, while I don't really mind xscreensaver's unlock screen, I don't think Steve Jobs would give it the thumbs up :)


It's been fixed in the 4.2 beta.


True, but nonetheless hilariously bad mistake.

Really, this is only a security threat to your tech-savvy gf/bf/friend/thief since it requires physical access. And you know what they say anyway:

Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore


It'll make corporate iPhone users (well, more the IT departments really) think twice (again??) about their iPhones on their network. For all the crap that RIM gets, they do get the whole corporate environment and security lock down thing right.


I think iOS was already on every sysadmin's shitlist for quite a while. I remember some of my friends on the networking side complaining a good deal about the iPad's DHCP lease shenanigans.


Is Law #3 really true for this iPhone scenario? I get that the bad guy should have access to the data on the machine, but should they be able to log into your account and impersonate you? Even with physical access that should NOT be possible.


Can you share a link to the announcement?


It hasn't been officially acknowledged by Apple, but I can confirm this doesn't work in the 4.2 beta as well.

For obvious reasons, Apple prolly hoped this one would slip past everyone undetected until they pushed the next update out.


No official announcement. Multiple people on different forums running the beta have said that it doesn't work.


I don't know about others, but I feel that the iPhone is a terrible phone to use in an emergency. I currently have a 3G which contributes to this, but it takes me at least 30 seconds to go from holding the locked phone (I have no pass code on it) to actually hearing the ring tone. I've had to dial 911 twice on it, and it was not a quick experience; since the second time was for someone who crashed their car head first into a tree right outside of my back yard, it was kind of critical that I dial quickly.


After maybe 30 seconds it automatically returns to the lock screen; in fact I was barely able to get to a contact before it locked again.


Really? I'm seeing something very different. Not only is it not timing out, but I can't even lock it again manually. Neither the home button nor lock button do anything (except take a photo if I press them both, which I just now discovered).

EDIT: I can re-lock it by holding Home to get to voice control, then cancelling that and pressing Home or Lock.

EDIT2: It takes a screenshot, not a photo. Damn, photo would be way more useful.


When you're on the contacts screen, hold down the power button until the power-off screen comes up, then press cancel. That should stop it from going back to the lock screen.


up-up, down-down, left-right, left-right, b, a...


Am I the only one who thought "wait, the iPhone only has one button..."


I can't seem to replicate it, but one time I was able to get to the home screen by double clicking the home button, switching to a different app, and then pressing home a single time to return to the home screen.


If you need a secure phone get a Blackberry ;)


By the way you can dial anything, it doesn't have to be three pound signs.


Doesn't work on the 3 jail-broken 3G/GS iPhones I tried (3.2 firmware).


Works for me! I wonder how many accidental 911 calls will be made from trying this...


None, unless you enter "911" for some reason. If you type "###" it just says "Emergency calls only."


Works on my 3G!


Locks only keep honest people out.


Sure it's a neat backdoor, but does it play Global Thermonuclear War?


This is one of those rare kinds of mistakes where I really believe someone's head should roll. They gave away the privacy of potentially millions of people. It will have real world consequences for some of them.


A keypad lock bypass is going to give away the privacy of millions of people? No it won't. Most people don't even use the silly thing; it isn't on by default.


How do you know how many people use the lock feature? Maybe I know a paranoid group of people, but at least half use it, probably more. Even if it's 10% that's still a very large number of people.

And what's "silly" about preventing people from getting immediate access to your email account or text messages? You can get into most people's online bank account once you have their email.


If you know someone who would do malicious things with your contact list, I think you've got bigger problems.

And playing devil's advocate, sure a thief could steal your phone and use this exploit (if he even knew about it), but what's he going to do with the contact list? If someone steals your iPhone, they did it to wipe it and resell it. There are much, much easier and less risky ways of getting large lists of people's contact info if that's what they're after.

Programmers make mistakes. Saying they should get fired over this is a bit silly, IMO.

EDIT: I'm not trying to downplay the seriousness. It's definitely serious. I've known some people who would use this against their "cheating" girlfriend in a heartbeat to see who they've been calling. But I seriously doubt anywhere close to millions will be affected.


Okay, how about this scenario. Someone with access to someone's office steals their phone and sells it or its information to the highest bidder. I used to work in the same building as FOX News. One day Rita Cosby's Blackberry showed up in our office space ... totally separate elevator banks, different floor, different everything. Our best guess was that someone from the cleaning crew grabbed it, got scared, and ditched it, but someone with other motives could do some serious damage in a day where smartphones provide portable access to a massive amount of personal and private information.


Alright, say this glitch didn't exist.

Are you telling me that a sufficiently motivated entity couldn't get to the data stored on the phone? Once you have physical access to a device, things like this kind of become moot anyway, don't they?


Sufficiently motivated? Absolutely. But I contend there's a huge difference between something that takes technical skill to obtain versus something demonstrated on YouTube and is simple enough that my mom could make it happen.


Well, hang on, that's not fair. Your first example cited selling a device to someone vastly interested in obtaining extremely valuable data - imagine this happening to President Obama's iPhone. But now you're saying that the concern is coming from someone who can figure this out by watching a YouTube video.


They're not mutually exclusive. Now there's just an easy hack that both can use to get past the security mechanism.


  I seriously doubt anywhere close to millions will be affected.

In his defense, he was saying that the privacy was potentially compromised, not that they would be affected. All iPhone users have had their privacy potentially compromised.



