Apple's Siri is helping users bypass iOS security

Share this article:

Siri was designed to be an effective personal assistant, but since the release of iOS 7, the artificial intelligence is bringing the bad with the good.

Apple released iOS 7.0.2 to address the first big passcode-bypass in its weeks-old iOS 7 mobile software, but it didn't take techies long to circumvent the passcode security feature in the latest version of the platform.

The workaround only grants access to the phone app, but from there people can use the phone to dial anywhere they wish, listen to saved voicemails, view and change contact information, access photos, use Twitter, login to email and shoot out texts.

Dany Lisiansky demonstrated the bug in a YouTube video, where he also posted step-by-step instructions on how to make it work. Several users have taken to the comments section and Twitter to confirm the exploit is genuine.

Anyone holding a locked iPhone or iPad in their hand can try it out by using Siri to make a phone call (to another iOS device within reach) and then clicking the FaceTime button. As soon as the FaceTime app pops up, hit the sleep button, and then wake up the device and “slide to unlock.”

Finally, answer and end the FaceTime request on the device receiving the call. In his video, Lisiansky mashes on the end button on the device he is compromising, and is sent to the phone where he is able to access the whole slew of features.

Apple's iOS 7 was released on Sept. 18 and users quickly realized that, whether locked or unlocked, Siri can be used to switch the device into airplane mode to effectively disable the "Find My iPhone" or "Find My iPad" apps. Airplane mode can also be activated in the Control Center, a feature new to iOS 7.

Within 48 hours, Jose Rodriguez, who gained fame in the past for finding ways to bypass Apple's iOS security protocols for lock screens, became the first to slip by the passcode feature in iOS 7.

Apple released iOS 7.0.2 on Thursday, which patched the flaw discovered by Rodriguez and additionally reintroduced the option to use the Greek alphabet keyboard for passcodes instead of just the four-digit numerical option.

Apple has not commented on the iOS 7.0.2 bypass issue, nor has the technology giant commented on the ability to replicate fingerprints to bypass the Touch ID sensor exclusive to the iPhone 5s.


Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

CryptoWall surpasses CryptoLocker in infection rates

CryptoWall surpasses CryptoLocker in infection rates

A threat analysis from Dell SecureWorks CTU says that CryptoWall has picked up where its famous sibling left off.

Professor says Google search, not hacking, yielded medical info

Professor says Google search, not hacking, yielded medical ...

A professor of ethical hacking at City College San Francisco came forward to clarify that he did not demonstrate hacking a medical center's server in a class.

Syrian Malware Team makes use of enhanced BlackWorm RAT

Syrian Malware Team makes use of enhanced BlackWorm ...

FireEye analyzed the hacking group's use of the malware, dubbed the "Dark Edition" of BlackWorm.