A newly uncovered Siri security flaw allows unauthorized access to Contacts and Photos on the iPhone 6s and 6s Plus without a passcode.

This particular bug was unearthed by Jose Rodriguez, the same Spanish researcher who revealed another lockscreen bypass flaw in September that allowed nefarious individuals to access owners' photos and contacts on iPhones, even if users had already updated their devices to iOS 9.0.1. iOS 9.0.1 was the most recent iOS update at that time.

This vulnerability, though, seems useful only in particular situations.

A report from AppleInsider, which confirmed this lockscreen flaw from Rodriguez, says that this security hole specifically applies to Apple's most recent iPhones, the iPhone 6s and 6s Plus, that are set to allow Siri access to users' Twitter accounts, Photos and Contacts.

After the hacker summons Siri by long-pressing the home button, or via the phone's "Hey Siri" feature, the voice-activated digital assistant is then asked to carry out a search on Twitter.

"If the search results contain actionable Contacts data, like an email address, a 3D Touch gesture can be used to call up a contextual menu with options to send mail and add or modify contact information," explains AppleInsider.

Once the hacker hits the "Add to Existing Contact" option from the menu, the device's Contacts list is then launched. This way, Photos can also be accessed.

For a hacker to exploit the bug, the iPhone owner must already have configured Siri's access to their Twitter account, photo library or other apps.

On the initial Twitter search via Siri, the virtual assistant asks the user for permission to access the user's Twitter account. The digital assistant then requires the owner of the account to confirm ownership by keying in a passcode or through Touch ID.

How To Disable Twitter Integration

If you own an iPhone 6s or iPhone 6s Plus, don't fret. You can always disable Siri's Twitter integration by following these steps.

1. Head to Settings > Twitter.
2. Switch off Siri.

You can likewise disable Siri's access to your photo library through these steps.

1. Go to Settings > Privacy.
2. From there, look for Photos.
3. Switch off Siri.

AppleInsider says that this workaround is effective even if the device runs the most recent iOS version, iOS 9.3.1.

To support his claim, Rodriguez uploaded a video showing how the attack is carried out.

Photo: Kārlis Dambrāns | Flickr

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.