Apple exterminates Siri lock screen bug with server side fix

Apple exterminates Siri lock screen bug with server side fix
Yesterday, we told you about a Siri search bug that allowed someone borrowing an Apple iPhone 6s or Apple iPhone 6s Plus, to break into the Contacts or Photos apps. This would be accomplished by asking Siri to do a Twitter search. If Siri is enabled to integrate with Twitter, and you use 3D Touch, breaking into the Contacts app is as simple as tapping on "Add to existing contacts." From there, getting into the Photos app is a snap. Following this process keeps the hacker from having to unlock an iPhone by punching in the passcode.

Instead of sending out a software update to fix the issue, Apple has already made a server-side fix that shuts the door on this exploit. Now, those following the process that allowed them to break into the Contacts and Photos apps of a vulnerable iPhone 6s or iPhone 6s Plus, will be prompted for information that will verify their identity, or stop them from advancing any farther.

We imagine that Apple decided that after rolling out iOS 9.3 and quickly following with iOS 9.3.1, that it would look better from a public relations standpoint not to send out another software update so soon. After all, iOS 9.3.1 was sent out just six days after iOS 9.3 to fix a problem that caused app links to freeze, hang or crash. And a new update to iOS 9.3.2 would have been sent out just seven days later.

Instead, Apple went with the server side fix. The most important thing though, is that the Siri search bug has been exterminated. For Apple, the fact that it was able to do this without alerting the public is just an additional plus.

source: RedmondPie

Related phones

iPhone 6s
  • Display 4.7" 750 x 1334 pixels
  • Camera 12 MP / 5 MP front
  • Processor Apple A9 APL0898, Dual-core, 1840 MHz
  • Storage 128 GB
  • Battery 1715 mAh(14h 3G talk time)
iPhone 6s Plus
  • Display 5.5" 1080 x 1920 pixels
  • Camera 12 MP / 5 MP front
  • Processor Apple A9, Dual-core, 1840 MHz
  • Storage 128 GB
  • Battery 2750 mAh(24h 3G talk time)

FEATURED VIDEO

20 Comments

1. phonehome

Posts: 812; Member since: Dec 19, 2014

Nobody is perfect. Not Apple. Not Google. Not Samsung. Certainly not Microsoft, HTC or Motorola. NOBODY.

2. Mxyzptlk unregistered

+1 for the truth. Some people have trouble comprehending this.

9. xfire99

Posts: 1205; Member since: Mar 14, 2012

Go and look on the mirror and u see whom. Trolling on every freakind android security article and when it comes to Apple. Suddenly just silence.

18. Mxyzptlk unregistered

I think your programming broke.

8. AlikMalix unregistered

Everytime I see your name, a voice in the back of my head says "ET, Phone Home..."

10. phonehome

Posts: 812; Member since: Dec 19, 2014

L O L

12. kajam

Posts: 220; Member since: Jun 24, 2015

Problem is apple claim to be the perfect with only one device with a slightly different between each generation and upgrade they always bring a bug inside a bug fix and laugh at Microsoft and Google who had to deal with millions of devices with different hardware.

3. legiloca

Posts: 1675; Member since: Nov 11, 2014

This is what I like about Apple, they're lightning fast when giving out bug fix patches for their products, the con? they lack so much features as what the competition offers..

5. der_damo

Posts: 213; Member since: Sep 16, 2014

features are a thing of perspective.

6. AlikMalix unregistered

They lack Android features, and Android lacks iOS features, and before you say there's a sorta way to do this or that, or app, or root... Dont forget that on ios there's a sorta way to do this or that, or app, or jailbreak too...

4. vliang86

Posts: 337; Member since: Oct 05, 2015

I agree, coming from an Apple fan...one thing Apple is best at is its App Store...Apps are more optimized and iOS often get early release of games.

7. AlikMalix unregistered

My friends are still waiting for Afterpulse so we can play against eachother... For now they join using my iphone 5s which runs the game just as smooth. Afterpulse got custom matches with password protection added in last update - this thing is about to get serious... lol...

11. gaming64

Posts: 234; Member since: Mar 22, 2016

Thanks for revealing this game. I found this to be available at PC too. Which means, time to rape.

13. AlikMalix unregistered

What do you use as iOS emulator? I hear iPadian is a scam... I play this on my 6s primarily, but when I have time, my favorite way to play is thru Apple TV on a big screen - the graphics are amazing even for a console..

14. gaming64

Posts: 234; Member since: Mar 22, 2016

That's what they said with the Modern Combat games. I say it's subpar with a PS3 game.

15. AlikMalix unregistered

If you gonna play AfterPulse, do pay attention to Fusion (upgrading weapons). Id read up on it or watch a utube video first. I made bad choices in the beginning. But I'm running a 5 star A500 among other weapons now - so getting pretty darn good at kicking butt and taking names.

16. davidsmith

Posts: 62; Member since: Mar 09, 2016

The best part of all this? If it can be fixed server side, it also can be opened up server side! Good reason not to enable Siri at all! This is such an obvious backdoor...

17. htcisthebest

Posts: 434; Member since: Nov 15, 2011

Maybe they should exterminate Siri altogether. Siri's intelligence is nowhere near Cortana and Goodle Now. I use an iPhone 5s with ios 9.3 so I know.

19. AlikMalix unregistered

i only have one problem, Siri is not good at recognizing spoke international names very often, unless I switch siri to that language and then no problem... I end up using phonetic nicknames for those contacts - problem solved, but I shouldn't have to do that. Haven't tried google now or Cortana on Android to see if that's the same problem with my native language... Other than that, Siri does all I ask with 85-90% accuracy in loud areas, and 95%+ in quiet areas (Siri got a little worse with iOS 9, but not that much... before iOS9, i'd say Siri was 97-98% accurate, mind you I speak with a slight accent, too)...

20. bassembm

Posts: 143; Member since: Dec 27, 2015

Bugs Bugs Bugs everywhere ,, INNOVATION

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.