iOS Bug Allows Siri to Read Messages on a Locked iPhone
Siri has a security bug that could enable anyone to read your messages without unlocking the phone. If you have your notifications hidden on the lock screen (where you get to know about a new notification but not the contents of the message), Siri can apparently read your notifications even if you have set them to hidden.
This bug potentially allows someone who doesn’t have your passcode to access hidden message notifications on a locked iPhone by pushing Siri to read them. The bug doesn’t affect Apple’s own Messages app according to Mac Magazine. However, third party apps like WhatsApp, Skype and Telegram are vulnerable to this issue.
Testing the latest Siri bug
If you want to test this bug, head over to Settings > Notifications > relevant messaging app > Show Previews > select “When Unlocked.” After this, when you get a new message from that particular app, simply ask Siri to read notifications without unlocking your phone.
It isn’t the first time that Siri has been used to bypass lock screen security as we have seen it being used to access contact lists and camera roll. Since Siri can’t read messages from the Apple Messages app, the company only needs to implement the same security for other apps, as well. In the past, these bugs were fixed by Apple right after they were reported, which means we are probably going to get a fix for this one in the next iOS update.
This privacy bug has been verified in iOS 11.2.6 and iOS 11.3 beta and has been reported to the iPhone maker. In the meantime, you can disable access to Siri from the lock screen, which will render this vulnerability useless.
- Go to Settings > Touch ID & Passcode.
- Under Allow access when locked, toggle Siri off.