Security News

New Siri-Enabled Lockscreen Bypass is Extra Juicy

Posted on September 24th, 2013 by

enter-passcode-blog-header

First, it was the Lockscreen Bypass as brought to you by Control Center. Then it was the Emergency Call bypass. Now it's Siri's turn to bring the bypass mojo. I think this qualifies as a record-breaking crop of bypass flaws for a new iOS version. Who even needs to hack TouchID when you can get to all the juicy bits on peoples' phones without going through the trouble of finding a high-resolution, un-smudged fingerprint?

This new Siri-enabled lockscreen bypass is extra juicy, as it's the "best" of both previous compromises. Not only were the researchers able to access Facebook, Twitter, messages and email, they could also make phone calls. Moreover, they could view calling history, contacts, and saved Maps locations. But wait, that's not all! The vulnerability also exists in iOS 6.

The solution to this, for now, is more disabling: go to the Settings app, and select the settings for “Control Center.” There you can disable Siri. While you're at it, you should also disable “Control Center.” If you're feeling particularly security-conscious, you can disable “Notification Center” as well.

  • Al Varnell

    Apple says they have now fixed with iOS 7.0.2.

Join Our Awesome Email Newsletter

Enter your email address below to start receiving the best Mac Security Updates.

{"url":"\/marketo\/json\/add-to-newsletter","data":"list_name=Blog Roadblock"}