The use of passcode for the protection of users’ data on iPhone Smartphone doesn’t protect users from the possibility that local ill-intentioned will access their data.
A new flaw allows bypassing the passcode protection, even when Touch ID is properly configured, and access photos and messages stored on the device.
The critical vulnerability affects the iOS 8 and newer versions of the Apple OS, including 10.2 beta 3. An attacker can bypass iPhone passcode and gain access to personal data on the device by exploiting the Apple personal assistant Siri.
The security issue has been discovered by EverythingApplePro and iDeviceHelps who made public it and published a video PoC of the hack.
The attacker needs the phone number of the target iPhone and access to the phone for a few minutes. If he doesn’t know the phone number, well Siri will reveal it with a simple query, “Who am I?”
Waiting for a fix, it is possible to protect the user’s device by disabling Siri on the lock screen, this means that the personal assistant will be accessible only after providing the iPhone passcode or the fingerprint.
Go to the Settings → Touch ID & Passcode and Disable Siri on the Lockscreen by toggling the switch to disable.
Another possibility consists in removing Photos access from Siri in this way:
Go to Settings → Privacy → Photos and then prevent Siri from accessing pictures.
Experts believe Apple will fix the issue in the next version of iOS 10.2.
[adrotate banner=”9″] | [adrotate banner=”12″] |
(Security Affairs – iPhone 7, mobile)
[adrotate banner=”5″]
[adrotate banner=”13″]
A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute…
The Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned four Iranian nationals for their…
A cyber attack on Leicester City Council resulted in certain street lights remaining illuminated all…
The National Police Agency in South Korea warns that North Korea-linked threat actors are targeting…
The U.S. Department of State imposed visa restrictions on 13 individuals allegedly linked to the…
A cyber attack has been disrupting operations at Synlab Italia, a leading provider of medical…
This website uses cookies.