Sithlord Piff
Superstar
iPhone security flaw lets anyone access your contacts and photos without a passcode
Apple iPhone 6S and 6S Plus users are being warned about a security flaw that could let attackers bypass the phone's coded lockscreen and access personal information, including contact lists and photos. Uncovered by researcher Jose Rodriguez, the bug applies to every software version, including the most recent 9.3.1 update.
When the iPhone device is locked with a password, the bypass is launched with the help of Apple's voice recognition software Siri. It is activated when a user asks Siri to search Twitter for email addresses, for example "gmail.com", which will result in a list of valid links being brought up on the screen. The user is then able to click on the link and, with the help of 3D-Touch, gesture a pop-up menu that appears containing the options 'Add to Existing Contact' and 'Create a New Contact'. When selected, the menu successfully opens the contact list on the locked device and, as the iPhone gives users the ability to add an image to a contact's profile, the full photo library is also open to snooping.
Following the 9.3 software update, users have been caught up in a number of bugs and glitches. Most recently, Apple was forced to release iOS 9.3.1 to patch a bug that resolved a widespread issue where applications, or even the device, would crash altogether after tapping links.
iPhone security flaw lets anyone access your contacts and photos without a passcode
Apple iPhone 6S and 6S Plus users are being warned about a security flaw that could let attackers bypass the phone's coded lockscreen and access personal information, including contact lists and photos. Uncovered by researcher Jose Rodriguez, the bug applies to every software version, including the most recent 9.3.1 update.
When the iPhone device is locked with a password, the bypass is launched with the help of Apple's voice recognition software Siri. It is activated when a user asks Siri to search Twitter for email addresses, for example "gmail.com", which will result in a list of valid links being brought up on the screen. The user is then able to click on the link and, with the help of 3D-Touch, gesture a pop-up menu that appears containing the options 'Add to Existing Contact' and 'Create a New Contact'. When selected, the menu successfully opens the contact list on the locked device and, as the iPhone gives users the ability to add an image to a contact's profile, the full photo library is also open to snooping.
Following the 9.3 software update, users have been caught up in a number of bugs and glitches. Most recently, Apple was forced to release iOS 9.3.1 to patch a bug that resolved a widespread issue where applications, or even the device, would crash altogether after tapping links.
iPhone security flaw lets anyone access your contacts and photos without a passcode