This website uses cookies in order to offer you the most relevant information. Please accept cookies for the most optimal performance. 

Blog

Computerware Blog

Computerware has been serving the Vienna area since 1976, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Alert: Siri’s Leaking Secrets - iPhone Lock Screen Vulnerability

b2ap3_thumbnail_ios_vuln_400.jpgApple's iOS 7.1.1. operating system has been affected by a series of bugs throughout this month. The first bug was emails being sent unencrypted, but now a new threat lurks in the shadows - a lock screen flaw that allows hackers to access your contacts list without unlocking the phone.

The flaw was discovered by Egyptian programmer Sherif Hashim, who has posted this video on his Youtube channel in order to show the steps required for doing so:

Hashim first attempts to use Siri's "contacts" command, which fails. Siri denies his request, telling him that he must first enter a password and unlock the phone. However, Hashim tries it again with a different command - "call". Using this command, Hashim was able to access the contacts list when bringing up the "Other..." menu, which appears when searching for a contact with a duplicate name.

It is thought that the flaw can be found in any iOS system running Siri, but it should be known that this flaw can reveal more than phone numbers. Hackers can potentially steal any information found on the contact card. This can reveal the address, phone number, Facebook page, and much more. You could basically be inviting hackers into your social life if they were allowed to get their grubby mitts on your phone.

Thankfully, that is the only way to exploit this vulnerability. The hacker must have physical access to your phone, and they can't access your phone remotely due to Siri being necessary to activate the vulnerability. It is recommended that you deactivate Siri from the lock screen via the Passcode options in the General settings of the device. This will prevent thieves from coaxing information out of Siri with their sugar-coated words.

You can always count on Computerware to deliver the latest news concerning vulnerabilities, patches, and updates directly to you. We'll arm you with knowledge about the latest threats and security breaches. Call Computerware at (703) 821-8200 today and find out what we can do for your IT as well!

“The Most Connected Human on Earth” - Chris Dancy ...
Microsoft Yields - Windows 8.1 Update Deadline Ext...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Tuesday, 24 December 2024

Captcha Image

News & Updates

Computerware is proud to announce the launch of our new website at ww.cwit.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

Contact us

Learn more about what Computerware can do for your business.

Computerware, Inc.
8480 Tyco Road Suite I
Vienna, Virginia 22182

Copyright Computerware. All Rights Reserved.