Apple has remotely fixed a security vulnerability with Siri that allowed access to a user's contacts and photos without a passcode.
We posted on the flaw yesterday as discovered by Jose Rodriguez. The procedure involved using Siri to initiate a Twitter search then using a 3D Touch gesture on contact information to bring up the Quick Actions menu. Tapping Add to Existing Contact brought up your full contact list and adding a photo to the contact brought up your entire photo library.
Apple has now blocked the ability to perform a Twitter Search without entering your passcode first. This resolves the security risk but may annoy some users who use that feature frequently.
Please follow iClarified on Twitter, Facebook, or RSS for updates.
We posted on the flaw yesterday as discovered by Jose Rodriguez. The procedure involved using Siri to initiate a Twitter search then using a 3D Touch gesture on contact information to bring up the Quick Actions menu. Tapping Add to Existing Contact brought up your full contact list and adding a photo to the contact brought up your entire photo library.
Apple has now blocked the ability to perform a Twitter Search without entering your passcode first. This resolves the security risk but may annoy some users who use that feature frequently.
Please follow iClarified on Twitter, Facebook, or RSS for updates.