Apple fixes the Siri lockscreen bypass vulnerability

  • HT Correspondent, Hindustan Times, New Delhi
  • Updated: Apr 06, 2016 14:38 IST
Apple recently discovered iOS lockscreen bypass vulnerability which allowed unauthorized access to a user’s Contacts and Photos has been fixed (Reuters)

Apple has reportedly confirmed that they have fixed the iPhone Siri bug that allowed anyone access to conatcts and photo albums.

In a statement to The Washington Post , a Apple representative confirmed that a fix has now been rolled out. The statement further added that users should get the fix without the need for a software update.

Read more: New lockscreen bypass bug found on iPhone 6s, iPhone 6s Plus

The patch arrives in less than a day after the video was posted on YouTube explaining the lockscreen vulnerability, which was discovered by YouTube user Jose Rodriguez. He posted a video showing how anyone can bypass the lockscreen on 3D Touch enabled iPhones and get access to contacts and photos without a passcode or a fingerprint scanner.

Though for anyone to take undue advantage of the exploit, it only happens when users allow Siri to access their Twitter account, which requires their passcode or a fingerprint scanner on iPhones featuring Apple’s pressure sensitive Force Touch technology.

Detailing the scenario in the video, the user first asks Siri to perform a Twitter search for a tweet containing an email address, and performing a 3D Touch gesture on resulting link allowed access to Contacts and Photos.

also read

Brain-print scans more accurate than fingerprint ones
Show comments