How Hackers Are Getting Siri to Show Them Your Photos

06 Apr
Industry, News

When the FBI took Apple to court it was with the intention of ordering the tech giants to build a backdoor that allowed them entry into a terrorists locked iPhone, as we have previously blogged. The FBI has since dropped the case as they were able to find a way into the phone without Apple’s help, and it appears that someone else has too.
On Monday April 4, 2016, a bug was revealed that allows hackers to bypass passwords in order to gain access to photos and contacts. It is only possible on iPhone 6s and 6s plus, due to the 3D touch functionality, but anyone with physical access to these phones can access the user’s contacts, photos, text/picture/video messages, emails and phone settings. According to ZDNet, Benjamin Kunz Mejri – the man who found the bug, contacted Apple in March “but did not hear back from within a two-week window.” He claims the bug can be temporarily fixed by disabling Siri from the lock screen.

The likelihood of your data being compromised by this vulnerability is minimal due to a series of very specific, uncommon actions that have to happen in exact order to exploit the problem. The steps are outlined in the following video.

 


[i] Video from EverythingApplePro
While it may not seem like a very problematic bug in the grand scheme of internet misconduct, there are still many people who do not want their photos, videos or contacts to be viewed or shared without their authorization. The current iOS 9.3.1 was updated to fix a different vulnerability that caused browser links to crash. There has not been an update released yet for this bug, but we anticipate it won’t take Apple long.

 

Connect with Secure Sense to protect data, your network, and systems 24/7, 365 days a year. If you have questions or want to learn more, please contact Secure Sense by calling 866-999-7506.

You can find Secure Sense on Facebook,  LinkedIn and Twitter. Follow us for current company and industry news.

 

[i] Original video posting can be found here:
https://www.youtube.com/watch?v=6hsHzk9YFwc&feature=youtu.be