Hello All,
Thank you for allowing me present at the last Mobile Portland meeting,
it is great to see such an active group here in Portland focused on
mobile development.
An interesting follow-up to my presentation is the press regarding a
security vulnerability in the iPhone, which makes the password screen
easily circumventable:
http://blogs.zdnet.com/Apple/?p=2198
By clicking the "Emergency Call" button and then the home button twice
you are able to access favorites, which allows access to the address
book, which allows access to email and other contact details, as well
as Safari. This is a great example of a security feature not being
implemented correctly, the process was not fully thought through.
However, passwords on other mobile phones are easily cracked, it is
not just Apple that has the problem. In general, once an attacker has
physical access to the system all bets are off with regards to
passwords, it is only a matter of time before they gain access...of
course not as easy as the current iPhone hack :-)
This will be a bit of a black eye for Apple, hopefully they launch an
update that includes a fix soon and learn from this.