Blog

Network Synergy Blog

Network Synergy has been serving the Trumbull area since 1988, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Alert: iPhone Lock Screen Vulnerability Found - Siri Can Be A Backstabber

b2ap3_thumbnail_siri_vuln_400.jpgDon't trust anything you can't see - a valuable lesson for anyone. But, why shouldn't you trust your own phone? Egyptian programmer Sherif Hashim has discovered a vulnerability in the most recent version of iOS (7.1.1) that allows hackers to physically access your contacts without unlocking your phone.

This video shows the steps that Hashim took to access the iPhone through the lock screen by using Siri:

When Siri is triggered from the lock screen, Hashim first says "contacts", hoping to be taken directly to the contacts page. However, the app denies his request, saying that he must first unlock the phone. He then tries the trick again, only this time with the command "call". This allows Hashim to access the contacts list by bringing up the "Other..." menu when presented with the a request for a contact with a duplicate name.

This flaw is present in all iPhone versions running Siri, and is capable of revealing far more than just phone numbers. Hackers can potentially gain access to any information from the contact card, such as your contact's home or email addresses. You don't want hackers to know where you, your friends, or family live, and you risk more than just data theft - the rest of your valuables could very well be on the line.

Fortunately, this can only occur when a hacker is in physical possession of your phone. Though this vulnerability is somewhat limited because of this, it is still a good idea to turn Siri off from your Passcode options via the General settings of the device. Otherwise, you risk the deceptively-faithful iOS app betraying your contact information to a thief. Don't let them smooth-talk their way through Siri.

For more updates and information concerning the latest vulnerabilities, patches, and updates, contact Network Synergy at (203) 261-2201. Knowledge is power, and we'll give you all the information you need to protect yourself from the latest threats and vulnerabilities.

Technology and Life Insights from “The Most Connec...
Microsoft Pushes Back Windows 8.1 Update Deadline
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Tuesday, 05 November 2024

Captcha Image

Contact us

Learn more about what Network Synergy can do for your business.

Network Synergy
126 Monroe Turnpike
Trumbull, Connecticut 06611

Network Synergy Corporation BBB Business Review

Best IT Managed Service Providers in Bridgeport aicpa logo net syn

News & Updates

Network Synergy is proud to announce the launch of our new website at www.netsynergy.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

Copyright Network Synergy. All Rights Reserved.