Apple Fixes Siri Lock-Screen Bug

...

Apple has fixed a bug in iOS 9.3.1 that enabled access to certain iPhone content without a passcode or fingerprint scan.

Uncovered early this week, the security hole required a very particular set of circumstances to work, so most iOS users were probably not at risk. Nonetheless, Apple confirmed to PCMag that the bug was fixed and rolled out to consumers on Tuesday.

To activate it, users had to own a Force Touch-compatible iPhone 6s or 6s Plus and give Siri access to their Twitter account. Perhaps most importantly: a hacker would need to find a tweet containing someone's email address (or something formatted like one). If the planets aligned, then it was easy for anyone to launch the 3D Touch Quick Actions menu, tap "Add to Existing Contact," and gain entry to the user's contacts list and photos (via profile pictures).

The loophole, according to AppleInsider, was also applicable to Siri results for WhatsApp friends list searches.

If you're still concerned about potential intruders, try disabling Siri's Twitter integration and her access to the iPhone's photo library (visit Settings > Twitter or Privacy > Photos). The truly paranoid, meanwhile, can entirely incapacitate the virtual assistant.

The tech titan has, in the past, worked to fix similar attempts to bypass iDevice lock screens. Flaws in iOS 6, iOS 7, and iOS 9 also allowed hackers to circumvent a user's lock screen.

In September, meanwhile, certain Android phones running unpatched versions of the OS were susceptible to an exploit that easily opened access to a handful of Nexus handsets.

Categories
APPLICATIONS
0 Comment

Leave a Reply

Captcha image


RELATED BY

  • 5300c769af79e

    The Emergence of Managed IoT Services

    While most of the attention is on particular applications and technologies, I think managed IoT services will be one of the biggest market opportunities.Those managed services not only represent an additional revenue stream, they also give the managed service provider a significant competitive advantage because they can gain greater insights into their customers' evolving needs.
  • 5300c769af79e

    Lawsuit Raises Questions About The Right To Tinker With Tech

    Undoing digital access controls, or technical protection measures (TPMs) – often referred to as digital restriction management or digital rights management (DRM) – is unlawful under Section 1201 of the DMCA.Supporters of Section 1201 insist it's necessary to criminalize the cracking of digital locks to prevent the unlawful copying of digital content, otherwise known as copyright infringement.
  • 5300c769af79e

    Awesome Tech You Can’t Buy Yet: Submarine drones, a speed-trap solution, and more

    You don’t even get a chance you argue your way out of it — you just get a ticket in the mail a few weeks later, and are forced to either go to court or pay the fine.Its absolutely infuriating — but there’s a new gizmo currently raising funds on Kickstarter that might help alleviate the problem.
  • 5300c769af79e

    Google Fiber Aims To Deliver Home Internet Service Wirelessly

    It's toying with the idea of beaming wireless service to homes., the first market to receive Google Fiber, the company is testing the concept of delivering wireless Internet to homes, Schmidt told shareholders.