Siri search bug allows others to get into your Contacts and Photos without knowing the passcode

Siri search bug allows others to get into your Contacts and Photos without knowing the passcode
A flaw has been discovered on the iPhone's virtual voice-activated personal assistant Siri. With this bug, someone in possession of your iPhone could get into your Contacts or your Photos without having to punch in a passcode. The bug affects Apple iPhone 6s and Apple iPhone 6s Plus models that are set up to allow Siri to search their Twitter account and Photos app.

To see the flaw in action, open Siri and ask Siri to do a Twitter search. If the search results contain data found in contacts, like an email address, use 3D Touch to click on "Add to Existing Contact." Not only does that bring up the Contacts list, that list can also be used to access the Photos on your phone.

You can prevent this from happening to you by disabling Siri's Twitter and Photos integration. All you need to do is go to Settings > Twitter and turn off Siri. Once that is done, go to Settings > Privacy > Photos and again, disable Siri.

We should point out that the first time you use Siri to search Twitter, you will have to verify that you own the phone via a correct passcode entry, or by using Touch ID. Once that has been completed, those knowing about the bug will be able to break into Contacts and Photos using the flaw as seen in the video below.



source: videosdebarraquito via AppleInsider

Related phones

iPhone 6s
  • Display 4.7 inches 1334 x 750 pixels
  • Camera 12 MP (Single camera) 5 MP front
  • Hardware Apple A9 APL0898 2GB RAM
  • Storage 128GB, not expandable
  • Battery 1715 mAh
  • OS iOS 14.x
iPhone 6s Plus
  • Display 5.5 inches 1920 x 1080 pixels
  • Camera 12 MP (Single camera) 5 MP front
  • Hardware Apple A9 2GB RAM
  • Storage 128GB, not expandable
  • Battery 2750 mAh
  • OS iOS 14.x

FEATURED VIDEO

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.
FCC OKs Cingular's purchase of AT&T Wireless