You’ll never guess the accomplice that enables unauthorized user access on iOS 9 devices. She lives within the system itself.
A potentially massive loophole has been uncovered in the iOS 9 device lock screen, enabling access a user’s contacts and photos without ever having to enter the correct PIN.
In a YouTube video posted by an individual called Jose Rodriguez, he goes through the motions of demonstrating how this can be done by recruiting none other than Apple’s own built-in voice assistant Siri.
Here’s how it appears to work: after entering an incorrect PIN several times, he launches Siri from the lock screen, then simply asks what time it is. When the results show up, there’s a search field at the top of the screen from which he proceeds to further search for information from areas of the iPhone such as the Contacts, Messages and Photos. All of this without ever leaving the lock screen.
It is clear this is a significant loophole that is likely to be addressed by Apple shortly, but in the meanwhile it appears that several areas of the device containing personal information in iOS 9 are open to access.
This flaw only adds to the prevalent issues that have cropped up since iOS 9 was launched recently. In the interim, one recommended method to prevent unauthorised access using this method is to simply disable Siri access on the lock screen.
No comments:
Post a Comment