In iOS 9, which is installed on most iPhone, iPad and iPod touch, discovered a very dangerous vulnerability that allows to gain unauthorized access to user data. It’s enough to bypass the lock screen with a password, and this will help voice assistant Siri, a built-in mobile Apple devices. In this case, the attacker does not need any special knowledge, just follow the combination of several simple actions.
The vulnerability enables unauthorized users to access the photos of iPhone 6s and iPhone 6s Plus. To resolve this bug you need to disable the feature that allows you to invoke Apple’s voice assistant on the lock screen iOS 9.
A loophole, whereby it is possible to pass protection for the iPhone, found readers Culf. A few easy steps, the attackers can get into the Contacts app and from there to the photo library on the device.
The sequence consists of 6 steps and includes the launch of the personal assistant Siri on the lock screen, the call of the Twitter team “Search Twitter” and search for any popular email domain in the news, such as “at-sign yahoo dot com”. When the list displays the e-mail address, you need to use 3D Touch menu, and click “Create new contact”. In the photos section of the Contacts application you need to use the command “Add photo” and click “Choose photo” from the library. After that, the user can browse the photos in your iPhone.
As mentioned above, the main condition for a successful operation – activated “Siri” on the lock screen of the device. Switch voice assistant is under Settings –> Touch ID & passcode.