Skip to content ↓ | Skip to navigation ↓

Adding to the growing list of security vulnerabilities and work arounds being discovered for iOS 7 is the fact that the lock screen can easily be bypassed by simply using Siri.

Siri is enabled by default in iOS 7, and by pressing the home button you can activate Siri and ask her all sorts of questions and issue commands.

No need to bring out the waterboard, because Siri sings like a canary. Here are a few questions I grilled her on that she not only provided answers for, but also at times collaborated with me in my crimes:

  • What is _____’s phone number?
  • What is _____’s address
  • Where is my next appointment?
  • What is my address?
  • Check my voicemail. (shows who called but requires unlock to listen…whew!)
  • Show my recent calls.
  • Tell ____ ‘You are stupid’
  • Give me directions home
  • Post to Facebook ‘I have been held ransom, please send money’
  • Post to Twitter ‘Send me $50,000 in a brown paper bag’

On the positive side Siri would not let me check voice-mail or email unless I unlocked the phone. However I was able to post to my social media accounts, send text messages, get contact information such as phone number and address, and identify who has called recently.

I could also enable airplane mode on the device which will disable Siri, however it will also disable Find My iPhone and the victim’s ability to wipe the device, giving you more time to find ways to bypass the lock screen.

Even if a phone was not stolen and simply left on a table or “borrowed” by someone, a great deal of damage could be done. The best thing to do to mitigate the risk is to disable Siri from the lock screen:

  • General -> Passcode Lock (Allow Access When Locked).

 

Related Articles:

 

P.S. Have you met John Powers, supernatural CISO?

 

Title image courtesy of ShutterStock

Hacking Point of Sale
  • markslawler

    I was shocked as I discovered this for myself the other day. I'm surprised I wasn't able to ask Siri for my unlock code. Well actually, if you store any codes under contacts you actually can… For fun interrogate Siri while you phone is locked; Siri keeps no secrets and as Ken says in this post, is a real snitch…

  • bob

    just turn it off on lock screen lolz

  • Brandon

    It has been this way since the 4S came out.. I had to disable Siri from my lockscreen because of my friends..

    • lili

      how can you do that? disable Siri only for lockscreen?

  • Ephrum

    You can also ask Siri to dial numbers. Either those in your contact list, of just spell it out. If the phone has an international plan, SCORE!

  • Stanley

    Yes, you are right markslawler. I tried to interrogate today the siri from my iphone 5 and its really annoyng.

  • They finally found the voice behind Siri http://techlivewire.com/2525/who-is-the-voice-of-

  • Wow! Better idea not to list ways to hack iPhone I would imagine! That said, Apple employees and engineers should be the brightest and best in the world. Surely they can better protect personal data. Siri the downfall of the iPhone? Now that's a funny thought. Maybe somebody should send the articles to the "brains" at Apple?

    • Ajarn Spencer

      The complexities of issues which are plugged into each other with so many different apps on a smartphone or an iPad make it impossible to force in every possible loophole all home in the net. It is a very difficult job. So don’t be so hard on them but yes I do agree that they should take more interesting feedback and react more if they were really good developers.

  • Zelda

    please I need to lock my social sharing in deferent social networks

  • Bobby

    The system of using universal ports will also make it possible to charge cell phones with different operating systems, such as an iPhone or an android phone, simultaneously. These are just a few things that set it aside from other chargers.

  • Faci

    I have been crawling and not getting a better icloud lock removal service than those guys on the link. Can any one suggest a good service.

  • The system of using universal ports will also make it possible to charge cell phones with different operating systems, such as an iPhone or an android phone, simultaneously. These are just a few things that set it aside from other chargers.

  • Chris

    This seems pretty simple to fix. First, add an option for the owner to set what is given out when it is locked and the "Who owns this iPhone" is asked. Second, require a voice passcode whenever Siri is activated and the phone is locked. That way bluetooth systems in cars can be used without manually unlocking. Hopefully Apple is listening…

  • osman musa

    Siri has saved lives before. I heard of a story where a man was able to talk to Siri to call 911 when he got crushed by something heavy and couldn’t move. http://techlightspeed.com/462/paris-attack-survivor-claims-galaxy-s6-saved-his-life.html