On the market for an iPhone? Here's a breakdown of all the currently shipping iPhones from Apple.
Security Flaw in iOS 9.3.1 Allows Access to iPhone Photos and Contacts
A video surfaced online yesterday purporting to show a vulnerability in iOS 9.3.1 that allows anyone to access photos and contacts on a locked iPhone without having to enter a passcode.
The YouTube video, uploaded by Jose Rodriguez and first spotted by The Daily Dot, depicts a user performing a Siri search followed by a series of relatively simple steps, one of which involves 3D Touch, limiting the exploit to iPhone 6s and 6s Plus devices.
The procedure starts by invoking Siri on the locked phone by holding the home button or using the "Hey, Siri" function, and then asking the personal assistant to initiate a Twitter search. When the returned results include contact details such as an email address, a 3D Touch gesture is used on the contact information to bring up a Quick Actions menu. Tapping "Add to Existing Contact" then brings up the iPhone's Contacts list. By selecting a contact and opting to add a photo to the entry, the phone's photo library can also be freely accessed.
The flaw is only applicable if the iPhone owner has previously granted Siri permission to access Twitter account information as well as to Contacts or Photos, operations which require establishing ownership of the device with the passcode or Touch ID. Additionally, if the iPhone has exited a Touch ID grace period, a passcode is still required before using Siri.
Users worried about the vulnerability can protect themselves by ensuring Siri's access to Twitter and Photos is disabled. On your device, go to Settings -> Privacy -> Twitter and if Siri is listed, turn off its access. Likewise, in Privacy -> Photos, turn any listing of Siri access to the Off position. Revoking Siri's access to your Contacts requires the more drastic action of disabling Siri lock screen activation. To do so, go to Settings -> Touch ID & Passcode and turn off the Siri switch.
Apple released iOS 9.3.1 to the public last week, marking the first update to iOS 9 since iOS 9.3 launched on March 21. iOS 9.3.1 came just over a week after the launch of iOS 9.3 and brought a fix for a significant web link crashing issue that affected many iOS users.
The YouTube video, uploaded by Jose Rodriguez and first spotted by The Daily Dot, depicts a user performing a Siri search followed by a series of relatively simple steps, one of which involves 3D Touch, limiting the exploit to iPhone 6s and 6s Plus devices.
The procedure starts by invoking Siri on the locked phone by holding the home button or using the "Hey, Siri" function, and then asking the personal assistant to initiate a Twitter search. When the returned results include contact details such as an email address, a 3D Touch gesture is used on the contact information to bring up a Quick Actions menu. Tapping "Add to Existing Contact" then brings up the iPhone's Contacts list. By selecting a contact and opting to add a photo to the entry, the phone's photo library can also be freely accessed.
The flaw is only applicable if the iPhone owner has previously granted Siri permission to access Twitter account information as well as to Contacts or Photos, operations which require establishing ownership of the device with the passcode or Touch ID. Additionally, if the iPhone has exited a Touch ID grace period, a passcode is still required before using Siri.
Users worried about the vulnerability can protect themselves by ensuring Siri's access to Twitter and Photos is disabled. On your device, go to Settings -> Privacy -> Twitter and if Siri is listed, turn off its access. Likewise, in Privacy -> Photos, turn any listing of Siri access to the Off position. Revoking Siri's access to your Contacts requires the more drastic action of disabling Siri lock screen activation. To do so, go to Settings -> Touch ID & Passcode and turn off the Siri switch.
Apple released iOS 9.3.1 to the public last week, marking the first update to iOS 9 since iOS 9.3 launched on March 21. iOS 9.3.1 came just over a week after the launch of iOS 9.3 and brought a fix for a significant web link crashing issue that affected many iOS users.
[ 227 comments ]
Instagram is dropping the IGTV button from the top-right corner of the app's home screen because not enough people are interacting with it.
First launched in June 2018, IGTV is...
Epic Games' latest update to the iOS version of popular battle royale title Fortnite that enables iPad Pro owners to run the game at 120 frames per second.
iPad Pro owners wanting to make...
Apple CEO Tim Cook has taken to Twitter this weekend to share a behind-the-scenes look at the making of new Apple TV+ show "Little America."
The entire first season of the immigrant...
It was a busy week of rumors as we hit the middle of January, with reports about updates to Face ID in the iPhone 12 lineup later this year, signs of a new Mac notebook coming soon, and word that...
Apple has inked a deal for a docuseries called "Dear..." that profiles famous people using an "inventive and cinematic approach" that involves letters written by people whose lives...
Amazon is no longer selling new versions of the Apple Watch Series 4 and Series 5 models through its online store in the United States, with the listings disappearing earlier today.
There is no...
Asphalt 9: Legends, a game that was ported to the Mac using Apple's Mac Catalyst tools, is now available for download from the Mac App Store.
The app was one of the titles that Apple...
Apple is expanding its presence in Germany with plans to open a new office building in Munich, Germany, according to German news site Süddeutsche Zeitung.
Located in the "Karl" office...
