Security Flaw in iOS 9.3.1 Allows Access to iPhone Photos and Contacts

Status
Not open for further replies.

bushido

Suspended
Mar 26, 2008
8,070
2,746
Germany
What do you mean? I use it every day for playing music, making calls while in the car, set alarms and timers; it's by far the quickest way to set a reminder. And I'm using it in Italian.
every other town / region has its own words in Germany. people can tell when i use Siri cuz no one would actually talk / write among friends like that as in "proper german" lol OR siri simply doesnt understand what i am trying to say. I cant use it for music either cuz it never gets english words / artists right when i tell it to play english songs while being set to german
 

sorinc03

macrumors member
Apr 24, 2009
66
63
I have a 6s Plus with 9.3.1 and I can't reproduce it at all. Every time i do it I get asked for my passcode. If it truly is a flaw in the OS it would show up in all devices running it would it not?
I get the same. Pretty sure the guy in the video accidentally unlocked it with Touch ID or something.
 

MrAverigeUser

macrumors 6502a
May 20, 2015
726
332
europe
I am shocked:

Although I disabled Siri, you can activate Siri on my blocked iPhone5 with the home button!
how is it possible that

1) Siri can be activated although DISABLED?
2) How can it be that anyone can activate Siri even on a "securized" blocked iPhone under IOS 9.3.1 ???!!!

I begin to believe that the "fight" with the FBI is nothing but a big comedy and that apple in fact has opened all doors for them…. since 2012… (see NSA-papers from Snowdon)… while they pretend to care about customer security and privacy… it sounds more like a desperate marketing try for me….

Instead of playing in the sandbox with thinner products like little boys, apple should begin (or: restart) to develop stable, secure and usable operation systems…. what a garbage are they releasing - even the second s+++y release they give us in two weeks… a shame!

I want an OS that JUST WORKS !!!!
 
Last edited:

MoietyMe

macrumors newbie
Apr 17, 2009
3
4
What annoys me is that there is no way no make notifications anonymous. It would be nice to just read that there is a message, without names or content displaying on the screen. Androids can do that.
You sort of can. You can't totally anonymise them, but you can hide the message content:

Default settings:

alt=iOS notification shows full name and message contents

Settings -> Notifications -> App -> Toggle Show Previews

alt=iOS notification only shows name of sender, no message content visible
 
  • Like
Reactions: Macneck

6836838

Suspended
Jul 18, 2011
1,537
1,295
I have a 6S and it just says 'You need to unlock your iPhone' first when trying to access Twitter. I'm also using an alphanumeric password though.
 

cableguy84

macrumors 65816
Sep 7, 2015
1,377
1,919
every other town / region has its own words in Germany. people can tell when i use Siri cuz no one would actually talk / write among friends like that as in "proper german" lol OR siri simply doesnt understand what i am trying to say. I cant use it for music either cuz it never gets english words / artists right when i tell it to play english songs while being set to german
Thats quite bad, considering Germany is a market of 80 million + people
 

drumcat

macrumors 6502a
Feb 28, 2008
659
1,896
Otautahi, Aotearoa
Who uses Siri anyway? I've disabled it since it doesn't offer much to German speaking people like me.
Classic. I don't use a big feature, so stuff everyone. Ugh.
[doublepost=1459852885][/doublepost]
Thats quite bad, considering Germany is a market of 80 million + people
Let's be honest, though. Technically, it's tougher to work with languages whosewordsarethisdamnlong.
 

crashoverride77

macrumors 65816
Jan 27, 2014
1,234
203
I am shocked:

Although I disabled Siri, you can activate Siri on my blocked iPhone5 with the home button!
how is it possible that

1) Siri can be activated although DISABLED?
2) How can it be that anyone can activate Siri even on a "securized" blocked iPhone under IOS 9.3.1 ???!!!

I begin to believe that the "fight" with the FBI is nothing but a big comedy and that apple in fact has opened all doors for them…. since 2012… (see NSA-papers from Snowdon)… while they pretend to care about customer security and privacy… it sounds more like a desperate marketing try for me….

Instead of playing in the sandbox with thinner products like little boys, apple should begin (or: restart) to develop stable, secure and usable operation systems…. what a garbage are they releasing - even the second s+++y release they give us in two weeks… a shame!

I want an OS that JUST WORKS !!!!
I am shocked:

Although I disabled Siri, you can activate Siri on my blocked iPhone5 with the home button!
how is it possible that

1) Siri can be activated although DISABLED?
2) How can it be that anyone can activate Siri even on a "securized" blocked iPhone under IOS 9.3.1 ???!!!

I begin to believe that the "fight" with the FBI is nothing but a big comedy and that apple in fact has opened all doors for them…. since 2012… (see NSA-papers from Snowdon)… while they pretend to care about customer security and privacy… it sounds more like a desperate marketing try for me….

Instead of playing in the sandbox with thinner products like little boys, apple should begin (or: restart) to develop stable, secure and usable operation systems…. what a garbage are they releasing - even the second s+++y release they give us in two weeks… a shame!

I want an OS that JUST WORKS !!!!
Thinking is sometimes quite useful before posting.
 

djcerla

macrumors 68000
Apr 23, 2015
1,655
6,657
Italy
every other town / region has its own words in Germany. people can tell when i use Siri cuz no one would actually talk / write among friends like that as in "proper german" lol OR siri simply doesnt understand what i am trying to say. I cant use it for music either cuz it never gets english words / artists right when i tell it to play english songs while being set to german
We have dialects in Italy, too, but I speak to Siri in plain Italian, and sure she does understand.

About English names: there was an article not long ago about how Siri can now better understand region-distorted English words, and sure as hell, she gets my Italian-distorted requests for music. Strange that it does not work for German.
 

djcerla

macrumors 68000
Apr 23, 2015
1,655
6,657
Italy
Tried on my iPhone 6S+, iOS 9.3.1: the exploit DOES NOT WORK.

I can ask Siri to search on Twitter, but she immediately asks to unlock the phone.

[doublepost=1459853813][/doublepost]
Yes - so tell me more about my fault.

Is it wrong to think Siri is disabled when you disabled it??
If it's disabled, Siri won't work. So it's not disabled.
 
  • Like
Reactions: CaTOAGU

MrAverigeUser

macrumors 6502a
May 20, 2015
726
332
europe
I could start Siri from the securized screen and it even started immediately to ring someone from my contacts (the which I did not call up since two years) after I just said "hey siri" !!!

WTF is that ?????

I am getting VERY angry now…. security and privacy = ZERO...
 

crashoverride77

macrumors 65816
Jan 27, 2014
1,234
203
Yes - so tell me more about my fault.

Is it wrong to think Siri is disabled when you disabled it??
Of course not. My point was your useless and idiotic statement about the FBI and back doors. Smells of ignorance and you could have easily left out that part in your rant.
[doublepost=1459854026][/doublepost]
I could start Siri from the securized screen and it even started immediately to ring someone from my contacts (the which I did not call up since two years) after I just said "hey siri" !!!

WTF is that ?????

I am getting VERY angry now…. security and privacy = ZERO...
Stop posting please you are embarrassing yourself.
 

bushido

Suspended
Mar 26, 2008
8,070
2,746
Germany
We have dialects in Italy, too, but I speak to Siri in plain Italian, and sure she does understand.

About English names: there was an article not long ago about how Siri can now better understand region-distorted English words, and sure as hell, she gets my Italian-distorted requests for music. Strange that it does not work for German.
Siri open WhatsApp

You dont seem to have an App called Worts Apple, Worts ab, Worts@

Guess what "Blues Spring DIN" is :D
 

MrAverigeUser

macrumors 6502a
May 20, 2015
726
332
europe
Of course not. My point was your useless and idiotic statement about the FBI and back doors. Smells of ignorance and you could have easily left out that part in your rant.
[doublepost=1459854026][/doublepost]

Stop posting please you are embarrassing yourself.
I understand you are a typical apple-apologizer ?

You´d better stop apologizing important security issues…

as for the NSA papers of Snowdon: Better look at them before naming other peoples statement idiotic.. the NSA was proud to have finally access to apple products (since 2012)….

And the FBI just payed 15.000 USD to crack the phone (was done by an specialized enterprise from Israel). So much for "security barriers" of apple products…

perhaps they had just a talk with Siri…. and that´s it….
 
Last edited:

djcerla

macrumors 68000
Apr 23, 2015
1,655
6,657
Italy
I could start Siri from the securized screen and it even started immediately to ring someone from my contacts (the which I did not call up since two years) after I just said "hey siri" !!!

WTF is that ?????

I am getting VERY angry now…. security and privacy = ZERO...
What do you mean? That's the whole point of the "Hey Siri" function... not having to unlock the phone for basic tasks like calling. I use it all the time when driving or cooking, for example. You can disable it, of course, if it does hurt you.

Also, Siri works with your voice print, not everybody's.
[doublepost=1459854398][/doublepost]
Siri open WhatsApp

You dont seem to have an App called Worts Apple, Worts ab, Worts@
It works like a champ here, also dropbox, street view, everything. Maybe Italian is now more important that German? ;)
[doublepost=1459854598][/doublepost]
I understand you are a typical apple-apologizer ?

You´d better stop apologizing important security issues…

as for the NSA papers of Snowdon: Better look at them before naming other peoples statement idiotic.. the NSA was proud to have finally access to apple products (since 2012)….

And the FBI just payed 15.000 USD to crack the phone (was done by an specialized enterprise from Israel). So much for "security barriers" of apple products…


If they really paid $15.000 to crack one OLD phone, which happens to lack the Secure Enclave, that's quite the security barrier.
Do you think Android offers better security?
 

MrAverigeUser

macrumors 6502a
May 20, 2015
726
332
europe
What do you mean? That's the whole point of the "Hey Siri" function... not having to unlock the phone for basic tasks like calling. I use it all the time when driving or cooking, for example. You can disable it, of course, if it does hurt you.

Also, Siri works with your voice print, not everybody's.
[doublepost=1459854398][/doublepost]

It works like a champ here, also dropbox, street view, everything. Maybe Italian is now more important that German? ;)
[doublepost=1459854598][/doublepost]

If they really paid $15.000 to crack one OLD phone, which happens to lack the Secure Enclave, that's quite the security barrier.
Do you think Android offers better security?

What I mean?I NEVER EVER Used Siri and I DISABLED IT.

And nevertheless - after my iPhone locked itself after a minute, I just pressed the home-button for some seconds from that "securized" and "locked" screen, the GUI of Siri appeared and - for the very first time - I just said "hey Siri!" - and Siri just told me "I connect yyou with xyz" and I found myself on the GUI of the phone-call and was connected!!!

Again:
1) I DISABLED SIRI !
2) I NEVER used Siri!
3) I could nevertheless start Siri just by simply pressing the home button and it started immediately after I just said "Hey Siri!" to connect me with someone from my contacts !!!

Is this difficult to understand??

There is a BIG SECURITY BUG indeed !!!
you press the home button shortly: You have to tap your passcode.
you press the home button for some seconds: the iPhone under IOS 9.3.1 starts SIRI although disabled, and Siri connects you immediately with someone after you just said "hey Siri!" and you find yourself on the same GUI as you do if you call intentionally someone !!!
 
Last edited:

crashoverride77

macrumors 65816
Jan 27, 2014
1,234
203
I understand you are a typical apple-apologizer ?

You´d better stop apologizing important security issues…

as for the NSA papers of Snowdon: Better look at them before naming other peoples statement idiotic.. the NSA was proud to have finally access to apple products (since 2012)….

And the FBI just payed 15.000 USD to crack the phone (was done by an specialized enterprise from Israel). So much for "security barriers" of apple products…

perhaps they had just a talk with Siri…. and that´s it….
Do you know what security flaws are? Do you think iOS is 100% bullet proof? You are clueless
 

djcerla

macrumors 68000
Apr 23, 2015
1,655
6,657
Italy
What I mean?I NEVER EVER Used Siri and I DISABLED IT.

And nevertheless - after my iPhone locked itself after a minute, I just pressed the home-button for 2 seconds from that "securized" and "locked" screen, the GUI of Siri appeared and - for the very first time - I just said "hey Siri!" - and Siri just told me "I connect yyou with xyz" and I found myself on the GUI of the phone-call and was connected!!!

Again:
1) I DISABLED SIRI !
2) I NEVER used Siri!
3) I could nevertheless start Siri just by simply pressing the home button and it started immediately after I just said "Hey Siri!" to connect me with someone from my contacts !!!

Is this difficult to understand??

There is a BIG SECURITY BUG indeed !!!
So, make a video showing the disabled Siri in Settings and Siri working after that. It will earn you a lot of views for sure.
Tip: no video edits ;)
 

skwood

macrumors 6502a
Jul 8, 2013
890
591
Tonbridge, UK
What I mean?I NEVER EVER Used Siri and I DISABLED IT.

And nevertheless - after my iPhone locked itself after a minute, I just pressed the home-button for 2 seconds from that "securized" and "locked" screen, the GUI of Siri appeared and - for the very first time - I just said "hey Siri!" - and Siri just told me "I connect yyou with xyz" and I found myself on the GUI of the phone-call and was connected!!!

Again:
1) I DISABLED SIRI !
2) I NEVER used Siri!
3) I could nevertheless start Siri just by simply pressing the home button and it started immediately after I just said "Hey Siri!" to connect me with someone from my contacts !!!

Is this difficult to understand??

There is a BIG SECURITY BUG indeed !!!
Are you sure it wasn't Voice Control or something? Not saying you are being dishonest, but it seems highly unlikely to have happened in the way you describe.
 

Status
Not open for further replies.