Siri security hole could let thieves use your iPhone 4S

20 Oct 2011

Apple iPhone 4S Siri

Security experts are warning iPhone 4S users of an unintended feature which could allow strangers to use certain functions on their handset, even if it has been locked.

As we found out in the V3 office, the new voice-activated personal assistant feature, Siri, can be a boon to the time-starved iPhone user.

However, Apple has allowed the tool to be used even when the phone has been locked, simply by pressing the home button. Effectively this means a complete stranger could give Siri verbal commands to compose emails, texts, change calendar settings and more.

Although the range of tasks that a would-be thief could carry out on a locked phone via Siri is limited, the fact that it is enabled by default has angered some security experts.

"What's disappointing to me though is that Apple had a clear choice here," wrote Sophos senior technology consultant, Graham Cluley.

"They could have chosen to implement Siri securely, but instead they decided to default to a mode which is more about impressing your buddies than securing your calendar and email system."

To turn Siri off when the phone is locked, users need to go to Settings/General/Passcode Lock and then turn the Siri option to off.

Do you agree?

Add your comment

Your name:
Your email address:	We won't publish your address
Your comment title:
Your comment:	By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.

Submit your comment

Get the latest news headlines direct to your inbox

Flame virus poll

Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?

Yes, the government has been proactive in addressing threats

30%

Yes, the strong UK technology sector helps ensure access to top-level equipment and expertise

No, the government is lagging behind in adequately protecting the UK infrastructure

14%

No, there’s always exploits that can be attacked

54%

Features

The V3 Hot Seat: Imperva CTO and co-founder Amichai Shulman

Quick guide to Flame malware attack

Quick guide to cookie law compliance

ICO sends out mixed messages on cookie law

More features

Commuters waiting on platform of underground station

TFL prepares to monitor big data during London Olympics 2012 [Video]

TFL director of Games transport Mark Evers discusses how the public transport network is preparing for this summer's event

Sign up to our daily or weekly newsletters

Follow @V3_co_uk

Case studies and reports

Colour printing: why the bill keeps outstripping the budget

The wrong printers, for the wrong tasks on the wrong contracts

Magic quadrant for business intelligence platforms

Who leads the BI pack and who should we be watching out for?

Technology jobs

Functional Oracle Support Analyst

Functional Oracle Support Analyst - EBS Financials, Support...

Oracle E-Business Suite Technical Consultant

Oracle E-Business Suite Technical Consultant - EBS...

Oracle Applications DBA

Oracle Applications DBA - East London - All salaries...

Oracle Functional Consultants

Oracle Functional Consultants - Financial - Project Accounting...

White paper library
Latest white papers

Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.

More white papers

© Incisive Media Investments Limited 2012, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093

About us:

Business & technology web sites:

Blogs & community:

Reviews:

Software downloads:

Tools & resources:

Accreditation:

Digital Publisher of the Year 2010

Friend's email address	To send to more than one email address, simply separate each address with a comma.
Your email address
Message