A recently discovered security flaw affecting iOS 8.0 and up lets anyone bypass an iPhone’s password lock screen to access data including contact information, message logs as well as photos. The method is detailed in the YouTube video above by iDeviceHelp and requires two things: physical access to the device and that Siri has been enabled on the lock screen.
The first step is to call the target phone — if you don’t know the number, just ask Siri “Who am I” and she’ll spill the beans. When the phone is ringing press message and then custom. You’ll be taken to a screen where you can respond to the call with a custom text reply.
From there you need to ask Siri to enable voice over. The next steps might take a few tries as timing will be crucial. You must double-tap the contact info bar, and hold the second tap on the bar, while immediately tapping on the keyboard. You’ll know it worked when you see three icons slide into view from the side next to the message text field — you can turn off voice over at this point.
This should open up a “to” field on the SMS that will then let you search through contacts already on the phone. Clicking on the “i” icon next to a contact should show details about the contact, from where you’ll also be able to create a new contact, and when adding a photo for that new contact you’ll gain access to the phone’s camera roll while the phone is still locked.
The vulnerability has been reported to Apple so we’re guessing an update should follow shortly. Until then you can protect yourself by disabling Siri in locked mode.