TechSpot

Siri will help you bypass someone else's iPhone lock screen

By Jos
Nov 18, 2016
Post New Reply
  1. A recently discovered security flaw affecting iOS 8.0 and up lets anyone bypass an iPhone’s password lock screen to access data including contact information, message logs as well as photos. The method is detailed in the YouTube video above by iDeviceHelp and requires two things: physical access to the device and that Siri has been enabled on the lock screen.

    The first step is to call the target phone — if you don’t know the number, just ask Siri “Who am I” and she’ll spill the beans. When the phone is ringing press message and then custom. You’ll be taken to a screen where you can respond to the call with a custom text reply.

    From there you need to ask Siri to enable voice over. The next steps might take a few tries as timing will be crucial. You must double-tap the contact info bar, and hold the second tap on the bar, while immediately tapping on the keyboard. You’ll know it worked when you see three icons slide into view from the side next to the message text field — you can turn off voice over at this point.

    This should open up a “to” field on the SMS that will then let you search through contacts already on the phone. Clicking on the “I” icon next to a contact should show details about the contact, from where you’ll also be able to create a new contact, and when adding a photo for that new contact you’ll gain access to the phone’s camera roll while the phone is still locked.

    The vulnerability has been reported to Apple so we’re guessing an update should follow shortly. Until then you can protect yourself by disabling Siri in locked mode.

    Permalink to story.

     
    Last edited by a moderator: Nov 20, 2016
  2. Uncle Al

    Uncle Al TS Evangelist Posts: 1,663   +774

    I always suspected she was up to no good ...... LOL
     
    JimmyJammy likes this.
  3. Old Cuss

    Old Cuss TS Rookie

    If someone, anyone, has physical access to my iPhone it can mean only one thing: It has been stolen. In which case I will already have wiped it clear of any info remotely. Not even worried about that one.
     
    wastedkill likes this.
  4. Skidmarksdeluxe

    Skidmarksdeluxe TS Evangelist Posts: 6,485   +2,038

    If someone, anyone, has physical access to my iPhone it can mean only one thing: I've lost my mind and wasted my hard earned cash on some Apple thing I never had any intention of buying and need to seek help... fast.
     
    Odium, mcborge and Misagt like this.
  5. Misagt

    Misagt TS Booster Posts: 100   +43

    This video is probably isn't meant for you then. Although remember someone doesn't need access to your phone for a long period of time to do this, it could be as simple as a co worker trying to screw you over. The fact that you can wipe your phone remotely doesn't mean a thing if they already got what they wanted. It's a hollow protection at best if someone is targeting you.
     
    Last edited: Nov 20, 2016
    Odium likes this.
  6. Skidmarksdeluxe

    Skidmarksdeluxe TS Evangelist Posts: 6,485   +2,038

    What do you mean the video is not meant for me? It's a publicly posted tech video on a public tech website of which I'm a member and carries no age restriction, and if it did, I'm many, many moons older than any age restriction that currently exists. I just have a different perspective of what I watched to you.
     

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...