New iPhone lock screen exploit exposes personal info with Siri's helping hand

New iPhone lock screen exploit exposes personal info with Siri's helping hand
A new iPhone exploit that gives potential hackers the ability to view sensitive information has been discovered.

YouTube channel iDeviceHelp has recently published a video that details how, through precise timing, a hacker with physical access to an iPhone can bypass the lock screen and view protected information such as contact info, message logs, and photos.

Following further investigation by iPhone users across the globe, it turns out that, with proper timing, this exploit works on any iPhone running iOS 8.0 or later. However, for the trick to work, the iPhone needs to have Siri enabled on the lock screen, as Apple's virtual assistant is a critical piece of the exploit chain. Also, hackers need physical access to the iPhone; there's no way of triggering the exploit remotely.

To gain access to sensitive information, a potential hacker needs to first call the iPhone, then start sending a message, and then ask Siri to turn on voice over. The next stage is the one where precise timing comes in, as the hacker has to double-tap-and-hold on the contact info bar and then instantly click on a keyboard that should appear on screen if the previous steps have succeeded. Check out this video for a visual explanation:



If the exploit has been successful, assailants can now get a contact's information by typing the first letter of a contact and then tapping the info button next to the contact.

Apple has been informed of the exploit and is expected to close the loophole through a future update. If you're worried that this exploit might affect you before Apple gets around to patching it, you can completely block it by disabling Siri when the screen is locked. To do this, head on to the Touch ID & Passcode preferences in the settings menu.

source: iDeviceHelp

FEATURED VIDEO

21 Comments

1. JesseJames

Posts: 226; Member since: Feb 22, 2015

Really? Who takes the time to figure s**t out like this? Sounds like some up down b a b a type s**t. Ain't nobody got time for that.

2. Unordinary unregistered

Youre late. Already has been fixed with a patch rolling out soon

4. maherk

Posts: 6930; Member since: Feb 10, 2012

How is it fixed if the patch Isn't released yet?

6. Scott93274

Posts: 6040; Member since: Aug 06, 2013

Damn, you beat me to it. lol.

9. Podrick

Posts: 1285; Member since: Aug 19, 2015

Look at his name, Unordinary. He likes to talk unordinary stuffs, thats my guess.

24. Mxyzptlk unregistered

What he said was true.

11. Unordinary unregistered

can't roll out a patch without a fix, right? maybe its just my broken english as a foreigner

14. maherk

Posts: 6930; Member since: Feb 10, 2012

You could have said that Apple has acknowledged the issue and is working on an update that will fix the issue soon, but I get your point now, so it's all good. And don't worry, English isn't my 1st language as well, we are both on the same boat :)

16. Scott93274

Posts: 6040; Member since: Aug 06, 2013

That's so sad... English is a second language for both of you? You're both much better at English than a lot of people I know that speak it as their first language... Oh well.

19. maherk

Posts: 6930; Member since: Feb 10, 2012

Living 2 years in Canada, and another year in the States definitely helped my English, and hopefully the many many years I will live in Canada will help further more, if everything goes as planned.

12. Nathan_ingx

Posts: 4769; Member since: Mar 07, 2012

His comment will have weight in the near future.

22. marorun

Posts: 5029; Member since: Mar 30, 2015

Thats exploit exist since siri exist unordinary. As usual we only ear about it in open media when its be patched soon. This prove again how apple user have a false sense of security.

3. imbruiselee

Posts: 6; Member since: Mar 18, 2014

Lol crazy psycho girlfriends have time for that.

5. sukrith2194 unregistered

The unbreakable phone broken!

7. asirfaysal

Posts: 98; Member since: Jul 19, 2016

It's a misleading video. Without the finger of the iphone owner, it can't be accessed. Siri worked because of the owner's touch id.

8. xondk

Posts: 1904; Member since: Mar 25, 2014

Fairly sure I predicted this would happen in a video where they talked about integrating siri further. Ah well.

10. kevv2288

Posts: 298; Member since: Jul 30, 2015

Yeah I'm sure all iPhone users are extremely worried about this one cuz u know its not like you have to do a bunch of steps and at the exactright time or anything just to get contact info?

13. Ironboned

Posts: 77; Member since: Jun 16, 2016

No idea why those Apple fans say IOS is mist secure os

15. Omran2000

Posts: 101; Member since: Aug 18, 2016

I wanna kill all the people who says that the iOS is the most secure OS ever ....

20. Plasticsh1t

Posts: 3109; Member since: Sep 01, 2014

25. aljololzz

Posts: 85; Member since: Nov 07, 2016

ommmmgggg

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.