Apple Fixes Siri Lock-Screen Bug

...

Apple has fixed a bug in iOS 9.3.1 that enabled access to certain iPhone content without a passcode or fingerprint scan.

Uncovered early this week, the security hole required a very particular set of circumstances to work, so most iOS users were probably not at risk. Nonetheless, Apple confirmed to PCMag that the bug was fixed and rolled out to consumers on Tuesday.

To activate it, users had to own a Force Touch-compatible iPhone 6s or 6s Plus and give Siri access to their Twitter account. Perhaps most importantly: a hacker would need to find a tweet containing someone's email address (or something formatted like one). If the planets aligned, then it was easy for anyone to launch the 3D Touch Quick Actions menu, tap "Add to Existing Contact," and gain entry to the user's contacts list and photos (via profile pictures).

The loophole, according to AppleInsider, was also applicable to Siri results for WhatsApp friends list searches.

If you're still concerned about potential intruders, try disabling Siri's Twitter integration and her access to the iPhone's photo library (visit Settings > Twitter or Privacy > Photos). The truly paranoid, meanwhile, can entirely incapacitate the virtual assistant.

The tech titan has, in the past, worked to fix similar attempts to bypass iDevice lock screens. Flaws in iOS 6, iOS 7, and iOS 9 also allowed hackers to circumvent a user's lock screen.

In September, meanwhile, certain Android phones running unpatched versions of the OS were susceptible to an exploit that easily opened access to a handful of Nexus handsets.

Categories
APPLICATIONS
0 Comment

Leave a Reply

Captcha image


RELATED BY

  • 5300c769af79e

    Twilio Courts IT Pros With Management Tools

    Join All Analytics Radio on Tuesday, August 9, at 11 am EDT, to discuss how universities, employer By introducing enterprise management tools, Twilio aims to make it easier for large organizations to deploy cloud-based communication software.On Thursday, Twilio plans to introduce the Twilio Enterprise Plan, which provides tools for security, access management, and administration that address the needs of enterprises implementing cloud communication software.
  • 5300c769af79e

    Ditch the scanner, this iPhone app digitizes and restores faded photos

    If you’ve ever attempted to restore an old photographic print, you know it’s not an easy task.There might not be a need for all that hassle any more, thanks to a new app called Unfade.
  • 5300c769af79e

    Meet HoloFlex, a Holographic, Flexible Smartphone

    "It allows for glasses-free interactions with 3D video and images in a way that does not encumber the user.The result is a modest 160-by-104 resolution 3D image, which users can inspect from any angle by simply rotating the phone.
  • 5300c769af79e

    The Case for Re-Examining Mainframe MLC Software Costs

    Download Mainframe usage is on the rise thanks to the growth of digital business, making it critically important for organizations to actively manage costs associated with monthly license charges.This whitepaper will show you how to use a structured approach to identify your top cost drivers and exploit technologies that reduce MLC, without impacting service levels.