Siri glitch lets hackers bypass iPhone lock screen in iOS 7.1.1

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  

Apple iPhone 5S in space grey gold and silverA RESEARCHER HAS DISCOVERED an exploit in iOS 7.1.1 that allows hackers to bypass the iPhone's lock screen to send a text, email or call contacts simply by activating Siri.

Egyptian neurosurgeon and part-time white hat hacker Shefif Hashim discovered the glitch earlier this week and posted a Youtube video (below) detailing the steps of the iOS exploit.

In the video, Hashim first tried and failed to unlock an iPhone 5S using its built-in fingerprint sensor, showing that the phone was locked. He then activated Siri and tried to access the iPhone's contact list by barking "Contacts" at the digital assistant, but Siri responded by saying, "You'll need to unlock your iPhone first."

Hashim went on to show how easy it is to skirt around Siri's advice, and instead asked the assistant to "Call", which prompted Siri to ask "With whom would you like to speak?" - allowing Hashim, and anyone else aware of the flaw, to search the iPhone's contacts list.

It is thought that this exploit can be replicated on any iPhone 5S handset running iOS 7.1.1, and while it doesn't give hackers access to other areas of the handset, this flaw likely will have some iPhone users worried.

Apple has yet to respond to the report, but likely will patch it in a future software upgrade, much like it has with similar exploits.

Earlier this year, for example, it was uncovered that by using a precisely timed sequence of keypresses, hackers could easily bypass the lock screen in iOS 7 to access a user's personal information.

This year it was also revealed that a glitch in Apple's iOS 7 software allowed hackers to easily disable Find My iPhone without having to enter a password. µ

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  
Visitor comments
Add comments
blog comments powered by Disqus
More on Security
Bittorrent logo

BitTorrent users are 170 percent more likely to download legally than non-torrenters

Torrenters aren't pirates, they're highly-engaged superfans

Santa Punch

Santa delivers the gift of Mac anti-malware, with help from Google

Oh Google, your sense of humour sleighs us

Security threats - password theft

Microsoft and Sony out DerpTrolling's Xbox Live and PSN 'hack' as a hoax

Firms say no gamer credentials were pilfered

NCA arrests five in crackdown on hackers using RATs

UK cyber cops arrest five in Europe-wide crackdown on PC hijackers

And treat us to an anticlimactic video of the sting