iOS 9.3.1 bug lets anyone see iPhone’s photos and contacts using Siri


A longtime iOS expert has discovered a really easy way to view an iPhone’s photos as well as contact list without fingerprint or passcode through Siri.
First spotted by the Daily Dot, YouTube user Videosdebarraquito shows how to unlock the iPhone 6 and 6s Plus with some indirect talking and tapping and not a single passcode. You will be able to view the phone’s contact list and photo albums. Check the video,

By searching through Twitter for email addresses, the 3D Touch capabilities allows the users to tap directly into Contacts, and from there it’s just simple to tap over the photos.
Given below are the steps, by which you will be able to test the exploit yourself. They are the following:
  • Activate Siri, either with the home button or by saying “Hey Siri
  • Ask Siri to search Twitter
  • When Siri asks what to search for, say “@gmail.com” or the second half of any other email address.
  • When Siri produces the list of results, find a tweet with a full email address in it.
  • Click the tweet and then, using the 3D touch of the iPhone 6s and 6s Plus, firmly press on the email address so that the pop-up window appears.
  • Click “Add new contact” From here, you’ll be able to click the photo box to view all the photos on the device. Alternatively, you can click “Add to existing contact” to browse all the other contacts saved on the device.
It is really important to note that this exploit is only possible using the 3D touch pop-up feature and is therefore only doable on the iPhone 6s and 6s Plus. The exploit works with iOS 9 through the newly released 9.3.1.

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s