First the good news – you have to have physical control of the iPhone in order to make this hack work. Now the bad news – there is more than one YouTube video describing how to do it.
Too bad the FBI didn’t see the videos before they tried to get Apple to unlock the San Bernardino phone. On the other hand, the New York City DA says he has hundreds of phones that he would like to unlock, so maybe this could be useful.
The bug affects all iPhones and iPads running iOS 8 or later, including the most current release.
Right now, what the hackers have shown is limited access to the devices, but they say that, after Apple fixes these bugs, they will release new videos showing how the bug could be used to gain access to a user’s contacts and home screen – at that point pretty much owning the device.
One more thing – it only works if Siri is on. It seems like Siri SHOULD go completely dark if the phone or pad is locked, but apparently, Siri ALWAYS listens.
I am not going to go into excruciating detail on how to use the hack – for that you can just go to YouTube, but at a high level, the steps are:
- Ask Siri “Who am I” to get the device’s phone number. The attacker then calls the device and presses the message icon as if he or she were going to send the caller a message.
- Tell Siri to turn on VOICE OVER. Again, in my opinion, Siri should not respond if the phone is locked, but it does.
- Double tap the message TO name field while pressing some random key. This apparently is the crux of the bug. Doing this unlocks the TO field, allowing you access to the address book and photos.
- The attacker can even create a new contact now if he or she wants to.
I hope Apple considers this a high priority fix because if you can use this bug to get to the home screen, it is a big problem.
It seems like we are seeing more Apple hacks lately. I think this is, in part, because Apple keeps adding features to iOS, not necessarily because people want them but because they have to justify a new version of the OS in order to keep up with the Joneses. More features means more complexity and complexity is the enemy of security.
As I said, if you want more details, go to YouTube, but it seems to me that Apple’s mystique as being uncrackable is developing some cracks. That doesn’t mean that it isn’t good, it just means that it is not perfect. With very few exceptions, software is not perfect – it is just too hard to do.
Information for this post came from Bleeping Computer.