The passcode feature on the latest version of Apple’s iPhone can be bypassed, potentially allowing an unauthorized person to access data on the device if it is lost or stolen.
The issue was posted to a MacRumors.com discussion forum and affects iPhone 2.02. Users can lock the iPhone with a four-digit passcode to limit access to the device and prevent unauthorized use. However, by pressing the emergency call button at the unlock screen and then hitting the home button twice, a user is taken to the iPhone’s private “favorites” page without having to log in. If this is done successfully, whoever has the phone can launch the browser and use the URLs, e-mail addresses or other information in favorites to access Web sites, e-mail and text messages stored in the phone.
Ironically, Apple issued a fix for the issue with iPhone v1.1.3 in January. Apple did not respond to a press request for information about when another fix would be available before deadline.
A possible workaround for this issue is to set the “home button” double-click preference to “Home” or “iPod” rather than the default “iPhone Favorites,” according to another poster on MacRumors.com.