iOS 9 hack lets anyone see all photos and contacts even if phone is locked
An exploit using Siri allows people to get around the iPhone’s security measures — but it’s easy to patch up, until Apple rolls out a proper fix
Your support helps us to tell the story
As your White House correspondent, I ask the tough questions and seek the answers that matter.
Your support enables me to be in the room, pressing for transparency and accountability. Without your contributions, we wouldn't have the resources to challenge those in power.
Your donation makes it possible for us to keep doing this important work, keeping you informed every step of the way to the November election
Andrew Feinberg
White House Correspondent
A bug in iOS 9 lets anyone see all of a person’s pictures or contact information, even if they have locked their phone.
A very quick workaround, which uses Siri, lets people into the phone even if the passcode and Touch ID fingerprint sensor is turned on.
To exploit the bug, would-be hackers repeatedly mash the numbers on the passcode screen until the iPhone threatens to lock the user out. Speaking to Siri to help open the Clock app, and then clicking through, allows people unfettered access to the Photos and Contacts app, potentially making available personal data.
The exploit has been shown in a proof-of-concept video by Jose Rodriguez, who has a track record of finding similar bugs in iOS. Rodriguez confirmed that the phone was not his to Apple Insider.
The bug can be easily prevented by heading to Settings and choosing Touch ID & Passcode. Turning off Siri when the phone is locked stops the hack from working.
Another way of keeping the phone safe is by using a longer, alphanumeric password, rather than the four or six digit passcodes that are set up by default.
The problem does not seem to have been fixed in iOS 9.0.1, the recently rolled out update to the system.
Similar bugs have been found in various first updates to iOS — versions 7, 6 and 4 were all initially vulnerable to similar hacks. Since the iPhone’s lock screen is the main defence against people getting unwanted access to the phone, it has become a particular target for hackers.
Subscribe to Independent Premium to bookmark this article
Want to bookmark your favourite articles and stories to read or reference later? Start your Independent Premium subscription today.
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Comments