Just a few days ago reports surfaced that the iPhone has a bug that leaves your mail attachments unencrypted. It allows hackers to access the encrypted email attachments. Apple Inc. (NASDAQ:AAPL) is still working to fix that bug. Now, an Egypt-based hacker claims that he has identified a new flaw which lets intruders bypass the lock screen security and send SMS or make calls using the voice assistant Siri.
This loophole exposes your iPhone’s entire contact list to intruders
However, the hack has certain limitations, reports NBC News. The iPhone has to be running on the latest iOS 7.1.1, and Siri needs to be enabled on the lock screen. Moreover, the bug only gives the hacker access to the iPhone’s contact list. But it can cause some serious trouble to users who have left Siri enabled on the lock screen. Of course, the lock screen keeps most of your iPhone’s content secure from prying eyes. But features like Siri that can be accessed without unlocking the device have always been a concern from the security point of view. And this new loophole potentially exposes your contact list to intruders.
Egyptian hacker Sherif Hashim demonstrated the trick in a YouTube video on May 4. In the video, Sherif Hashim took a locked iPhone. He activates Siri and says “Contacts” to access the smartphone’s contact list. And Siri responds, “You’ll need to unlock your iPhone first.” Then Hashim taps “Cancel,” activates the voice assistant again, and says “Call.” And then Siri gives him access to the iPhone’s entire contact list, and Hashim is able to contact anybody in the list.
How to protect your iPhone from this kind of hack
However, this hack doesn’t give intruders access to any other feature of your device. It’s up to your whether you want the Siri voice assistant to be accessible through the lock screen. But if you are alarmed by the seriousness of someone intruding into your contact list and making calls without your consent, you can disable Siri on the lock screen. Hope Apple Inc. (NASDAQ:AAPL) fixes this one soon.