Siri-ptitious Hacker Claims to Crack iPhone Lockscreen
A bug in iOS 7.1.1 lets anyone circumvent the device's lock screen to access its contact list and call anyone on that list.
Siri needs to brush up on her security. Using voice commands, one hacker claims it's possible to bypass the lock screen of an iOS device running version 7.1.1, access that phone's contacts list, and call a contact from the bypassed phone.
The hack has its limitations. The hacker needs physical access to the phone, which needs to be running iOS 7.1.1 and have Siri enabled on the lock screen. Further, the hack only gives the hacker access to the phone's contact list. Still, it's easy to imagine how this bypass could be used to cause some Siri-ous trouble.
MORE: 10 Tips Every iPhone Owner Should Know
Egyptian neurosurgeon and part-time hacker Sherif Hashim discovered the trick, which he demonstrated in a YouTube video posted May 4. In the video, Hashim first tries and fails to unlock an iPhone using its TouchID fingerprint scanner, showing that the phone is locked. He then activates Siri and tries to access the phone's contact list by saying "Contacts."
"You'll need to unlock your iPhone first," Siri says. But then Hashim taps "cancel," activates Siri again, and says "Call." Siri then asks "With whom would you like to speak?" which allows Hashim to type names into a search bar for the phone's contact list. From there he can scan the phone's entire contact list, and call anyone from that list.
When we tried the same hack ourselves, we were unable to access our iPhone 5s' full contact list. However, we could call contacts by guessing certain names, such as Michael.
However, we then found that if the phone has more than one contact with the same first name (or even more than one contact whose names begin with the same two letters, such as "Mi"), a snoop can access the full contact list by searching for that name. If you do so, the phone will then display everyone in the contact list with that first name, and also present a "more" option. Tapping that "more" option will bring you to the entire contact list.
Sign up to get the BEST of Tom's Guide direct to your inbox.
Here at Tom’s Guide our expert editors are committed to bringing you the best news, reviews and guides to help you stay informed and ahead of the curve!
That the phone in question needs to have more than one contact with the same name, and that the attacker needs to know that name, might make this bypass seem difficult to do. But considering it's likely most people know more than one person with a common name like "Michael" or "Emily," it's probable that most iOS 7 devices who have Siri enabled on their lockscreens are susceptible to this partial bypass.
Ultimately, it's up to users to decide whether they want Siri to be accessible via the lockscreen. All you need to do is toggle the Siri button under "Allow Access When Locked" in the Touch ID & Passcode settings screen in iOS 7.
Email jscharr@techmedianetwork.com or follow her @JillScharr and Google+. Follow us@TomsGuide, on Facebook and on Google+.
Jill Scharr is a creative writer and narrative designer in the videogame industry. She's currently Project Lead Writer at the games studio Harebrained Schemes, and has also worked at Bungie. Prior to that she worked as a Staff Writer for Tom's Guide, covering video games, online security, 3D printing and tech innovation among many subjects.