Security Flaw in iOS 9.3.1 Allows Access to Contacts and Photos Without Passcode [Video]

Security Flaw in iOS 9.3.1 Allows Access to Contacts and Photos Without Passcode [Video]

Posted by · 12444 views · Translate
A security flaw in iOS 9.3.1 allows access to your contacts and photos without entering a passcode. The vulnerability was discovered by Jose Rodriguez.

The procedure involves using Siri to initiate a Twitter search then using a 3D Touch gesture on contact information to bring up the Quick Actions menu. Tapping Add to Existing Contact brings up your full contact list and adding a photo to the contact brings up your entire photo library.

To protect yourself from this security flaw, you can turn off access to Photos and Twitter for Siri. This can be down from the Settings -> Privacy ->Photos and Settings->Privacy->Twitter menus.

Take a look at the video below for more details...



[via DailyDot] [via MacRumors]
ltamborrell - April 6, 2016 at 2:53pm
The problem is already fixed so shut it!
clown - April 6, 2016 at 12:06am
Clown found the passcode text mesaage, phone call , search web flaw in siri.
clown - April 5, 2016 at 8:45pm
Say hey siri text (input phone number) will text anyone you want . Also searched the web for that name, it bypassed the passcode once i think but not again
Vida - April 5, 2016 at 8:03pm
9.0.2 is the most stable release period
SeanBenzy - April 5, 2016 at 7:47pm
Correction, it is allowing for the first time but if you repeat the process Siri is asking for the screen to be unlocked, so yes we need 9.3.2
26 More Comments
Recent