iOS 9.3.1 bug lets anyone see iPhone’s photos and contacts via Siri

The problem is only present on the iPhone 6s and 6s Plus, and is a little complicated, but could offer access to some of a phone’s most sensitive contents

Andrew Griffin
Tuesday 05 April 2016 06:43 EDT
Comments
Siri first appeared on the iPhone 4S, pictured
Siri first appeared on the iPhone 4S, pictured (Oli Scarff/Getty Images)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

A bug in the new version of iOS could offer anyone access to a phone’s photos and contacts.

The slightly complicated trick uses an apparent glitch in the way that Siri works to get access to some of the phone’s most sensitive information.

The trick is done by heading to Siri and asking the personal assistant to search Twitter. Doing so with the right terms can bring up contacts data, like an email address or phone number, and the 3D Touch feature can then be used to bring up a menu allowing people to use that data.

Clicking on the “Add to Existing Contact” option within that menu allows people to get into the contacts app, and scroll through any information that might be stored in there. And from there users can click to change the photo of a given person, which brings up the photo library and allows people to look at any picture.

Because the bug relies on 3D Touch, which is only supported on the iPhone 6s and 6s Plus, it can only be done on those phones. It also appears only to work on iOS 9.3.1, the newest version of Apple’s operating system for iPhones and iPads. And the user must already have given Siri access to the Twitter account and the other apps that are used.

That means that the bug can be at least temporarily fixed by limiting access to the relevant apps. By heading to Settings and then Twitter, Siri’s access to the app can be cut off, and the assistant can be kept from accessing photos by going to the Privacy settings and heading to Photos.

What is Apple's strategy?

The bug isn’t the first time that Siri has been used to get into some parts of the phone, and another was found in September by the same person, Jose Rodriguez. Such tricks have even become so popular that they have been the subject of hoaxes by people attempting to use them to get in – including a highly popular workaround released last month that actually just showed people accidentally using the phone’s fingerprint sensor.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in