A major security vulnerability has been identified within the iPhone 2.0.2 software – a flaw which affects users who have password-protected the device…

The simple trick, "gives anyone full access to your Mail, SMS, Contacts, and Safari, reports a member of the MacRumors forum.

And the trick requires the technological skills of a five year old – essentially someone trying to access a password-protected iPhone simply needs to tap the emergency call button, and then double tap the home button and then…

An unapproved user doing this would land in the iPhone owner’s favourites area. If the iPhone has web addresses, phone numbers or email addresses stored there, then the invader can gain access to this information.

There’s a video detailing the flaw on the Gizmodo website

UPDATE: iPhone users who want to guard against this flaw have a really simple solution – in (Settings) General access the Home Button Settings, and switch double-clicking from ‘Phone Favorites’ (default) to iPod. Then all any space invader will gain is access to your music collection. Perhaps that should be the new default, pending a repair? (Thanks to reader, 9to5Noob for the suggest).

UPDATE 2: From a 9to5Mac reader (who cites MacRumors for this tip) in comment below: "a better option is to switch double-clicking to ‘Home Page’ rather than ‘iPod’ which then returns to the passcode entry screen rather than give access to the iPod contents. This is from another posting in the MacRumors forum so not claiming credit for this."


About the Author