Bug In Apple Siri Allowed To Access Your Contacts And Photos
To overcome the annoying activation lock bug found in iOS 9.3 , the latest version of Apple’s mobile operating system has been released called iOS 9.3.1 but now this version has also a flaw which is mainly.
This bug can affect your personal contacts as well as your photos without having access to your passcode.
Most important thing that this bug can affect iPhone and iPhone6s plus models having operating system iOS 9.3.1. Invoking Siri to your lock screen gets access to this bug.
Siri was initially developed by Dag Kittlaus and his team of SRI International as an iPhone app. Apple bought Siri in 2010. In October of 2011 Apple re-released it as part of iOS 5.
Siri is currently run by Bill Stasior, vice president, Siri, and the technology is integrated into the iPhone, iPod touch, and iPad, and into Apple's new HomeKit home automation framework. Siri is an intelligent computer program that can use your voice to schedule your meeting , make phone calls , send messages etc. Just tell Siri to do things as the way you talk. Siri understands the thing what you say and even reply back to you until you get your result.
This bug is related to Siri search and can be exploited by Siri attackers. Jose Rodrigues who has found this bug and has explained that having Siri access to your Twitter search can provide access to menu option as when you select contact to add to your email address it provides access to your contacts without having access to your phone password.
Apple’s phone also provide access to add photo to your contact profile, and the attacker has access to your personal photos. Its not by default firstly the user have to provide access to Siri to access to their twitter account ,photos and other apps. The Same case by clicking on the “add to existing contact” site attacker can have full access to your contacts.
How to Protect ?
Also, your Siri needs to be integrated with Twitter and your Photos app (these can be configured in Settings - Twitter and Settings - Privacy - Photos). You can protect by disabling this access in your setting options. The trick also works with the phone numbers which are included in twitter account via 3D Touch actions on a locked iPhone.
The easiest way to resolve this issue is to disable Siri's lock screen access. iPhone users can do, by going to Settings -> and then going to Touch ID & Passcode. Here they'll have to disable the "Allow access when locked" setting.
If you'd like to use Siri for other things when the phone is locked, you can optionally go to Settings -> Twitter and Settings -> Privacy -> Photos and cut off Siri's access to these apps.