The iPhone 5s debuted with a fingerprint scanner for added security, but it turns out Siri can be a double agent – bypassing a pass code or even a TouchID-secured screen on iOS 7.1.1 is as easy as asking politely (the fingerprint scanner isn’t 100% trustworthy either).
The trick allows you to browse all contacts stored on the phone and make a call out to any one of them.
On a locked screen, you can activate Siri and ask for the contacts. The virtual assistant will correctly ask you to unlock the phone first. But if you instead ask Siri to make a call, Siri is a lot less demanding.
Here’s a video demo:
Sherif Hashim who found the exploit claims there’s an easy way to edit, copy or share the contacts too, plus send them a message or email, but didn’t show this in the video.
He recommends turning off Siri until Apple fixes the issue.
Thanks to Jonas for sending this in!
Comments
Rules for posting