Security bugs are going to be a part of any operating system no matter who is building it, Apple, Microsoft, BlackBerry or Google. We’ve covered a lot of security and privacy matters here and over the past few weeks the FBI vs Apple debate has fueled many of our posts. Since the FBI story broke there have been several instances of new iOS exploits surfacing that have put users at risk. The newest one involves the ability for someone to target a locked iPhone and gain access to the phone’s contacts through Siri. Check out the video below to see the exploit in action.
- Activate Siri, either with the home button or by saying “Hey Siri”
- Ask Siri to search Twitter
- When Siri asks what to search for, say “@gmail.com” or the second half of any other email address.
- When Siri produces the list of results, find a tweet with a full email address in it.
- Click the tweet and then, using the 3D touch of the iPhone 6s and 6s Plus, firm press on the email address so that the pop-up window appears.
- Click “Add new contact.” From here, you’ll be able to click the photo box to view all the photos on the device. Alternatively, you can click “Add to existing contact” to browse all the other contacts saved on the device.
While security bugs on iOS are something users should be concerned about, they should also know that Apple generally fixes these security bugs rather quickly. The bug demonstrated above was patched within 24 hours of it surfacing online and Apple finding out about it. Yes, there are instances of larger exploits taking longer to patch but overall Apple has responded quickly to these types of issues.
Finding security bugs and demonstrating them on YouTube seems to have become popular lately. Not only does it bring in much needed clicks and views but it also feeds those who might have a dislike for whatever OS is being made an example of. That creates a ripple effect and gets people talking and websites covering, including us. But it is important to understand that Apple and Google both do a generally good job at patching these things before they become a massive problem. Again, that’s not to say they’ve never gotten it wrong, everyone gets it wrong on occasion.Source: Daily Dot