A nasty glitch in iOS 4.1 lets anyone easily access both the phone and photos app on every model of the iPhone. The bug was found by a MacRumors forum member last week, but has just recently received major attention.
To bypass the password protected lock-screen, all you have to do is tap “Emergency Call”, enter a random number and hit call, then quickly press the lock button. You will then be booted to the phone app, where you can access contacts, recent calls, and even dial a number. If you tap a contact’s picture ID, you will be taken to the Photos app, where you have full access to view any picture. In this state, neither the home button nor the lock button do anything, and to exit you will have to make and end a call – at which point you will be brought back to the lock-screen.
It’s possible that there is another yet-to-be-found loophole which would allow access to any application, but at the moment it looks like it is restricted to just the two. (Note: The bug affects users whether or not they are jailbroken, and multitasking apps like Multifl0w seem to give users total access to any running app.) Users are reporting that the bug is not replicable on the latest beta of 4.2, which is a relief. Apple may push out a quick update to patch the problem, which means you will definitely need to back up your SHSH blobs if you want to keep your untethered jailbreak.