A pretty major security hole has been found in iOS 4 for iPhone. This flaw lets you access the contacts of a password protected iPhone. No hack or technical skills needed.

On a password protected iPhone, tap the “Emergency Call” button then enter ###. Tap the Call button and immediately hit the Lock button. It will open your iPhone Contacts app from which you’ll be able to browse, edit, email, any contact.

Watch this Brazilian dude demonstrating the security flaw in action…

Bug no iOS 4.1 from Salomão Filho on Vimeo.

No doubt this bug will be fixed in iOS 4.2.

[9 to 5 Mac]