Comments on: Security hole opens up password-protected iPhones

Users report serious security flaw in iPhone 2.0.2 that exposes mail, texts, voice messages, and browser to strangers despite the device being password-protected.

[ralfthedog]

This is a big flaw. It should be easy to fix.

Honestly, it does not matter what phone or PDA you use, don't put anything on it that you don't want others to find out. Short of hard encryption, nothing will protect you from a Dremel and a flash reader.

[Perry_Clease]

See this story: http://www.ipodobserver.com/story/37028

[corporatejet]

Big deal. Someone can call your favorites list. Simple way around is to set the option to either bring up the Home screen or the iPod player.

My iPhone is set to launch iPod player when double click is pressed. If I loose my phone the worst someone can do is listen to my poor taste in music.

[NewsReader_]

This is a big deal for corporate users who use ActiveSync to get email to their phones.

Shame on you Apple!

[corporatejet]

If it's such an issue then your company should be using BlackBerry. I've been using the iPhone since day 1 and would not recommend it for a corporate device. Great for web browsing if that's all your users do with their phone.

As 'intuitive' as the interface is, a button push, a slide gesture, enter a pin code, click contacts, wait for contact list to appear (software bug still not fixed), scroll through list to locate contact, select contact, select phone number to dial.... seems a long process to make a phone call. The main purpose of a "phone".

[professionaladventurer]

We are talking about a phone right? My high security solution? I don't lose my phone or let it get stolen. I keep track of my expensive hand held hardware (don't leave it on the milk deck at Starbucks). I use my phone all the time and it is not really reasonable to put it in password mode. I am also not a geek or 15 year old girl, but rather look like how nature says "don't touch" so muggers generally give me a pass if they see me on the subway at 2 am.

[whiterabbit--2008]

That key lock should not be considered serious protection in the first place. I've never used mine because it's not only an inconvenience to others, but to myself as well. Also, I do not send private information like SSNs and credit card numbers by email, that's stupid; if you do then you deserve to have your identity stolen.

I actually did lose my iPhone once; my email was the least of my concerns upon realization. In fact I'm glad that I wasn't using the key lock, some kind soul picked it up and dialed one of my favorites (one which I'd entered as a relationship with just this case in mind) and it was then returned to me.

[gggg sssss]

Crapple has a security flaw? I was told that was impossible. Oh well, back to issuing Windows Mobile devices to the sales guys. But the iPhones look SO cool.

[Perry_Clease]

"Oh well, back to issuing Windows Mobile devices to the sales guys."

Good idea! Dump the junk devices on the yacktards so you can give the iPhones to the real workers.

[joetesta70]

Funny my Blackberry seems secure. Typical Crapple.

[Kreuzer33]

Another iPhone issue. Guess it's still not time to buy an iPhone.

http://kreuzer33.wordpress.com/2008/08/28/iphone-security-issue-exposes-consumer-data/

[Vegaman_Dan]

This appears to be an oversite on Apple's part. There is only so much testing you can do in labs. The ultimate test is to give it to uninfomred customers who will quite likely come up with key combos and situations that you simply cannot test for.

How quickly this is addressed will be the next question.

This is a serious security issue for any corporate email use, which already has issues with the unit in general, so this may cause more problems for it to be adopted seriously as a business class device.

Give it time. It's still in the testing phase at this point. It will only get better over the years.

[Seaspray0]

I have always said no operating system is secure, and that includes phone OS's. Perhaps you macfans are willing to listen now?

[tech_crazy]

You don't go about not testing it enough and then positioning it against entrenched competitors like RIM. There is a reason why companies do thorough testing - alpha, beta, etc and evals/quals.

[t26l]

nearly all tech is gonna have <i> some</i> sorta security hole...what are patches for? :D