Siri Security Issues Exposed

We all remember that rapscallion HAL 9000 from 2001: A Space

and the trouble it caused poor Dave, and now it seems Apple’s version

of artificial intelligence could prove just as problematic.

Siri, the voice-activated personal assistant on the iPhone

, could potentially create a security threat allowing anyone access to the

information stored on your phone whether it’s locked or not.

The problem has been highlighted by security experts Sophos,

who discovered that a passcode-secured iPhone 4S can still be accessed through

Siri, allowing anyone who can get there hands on your phone access to allow your

personal information.

The problem occurs because the default setting on the iPhone

4S means that Siri can be accessed from the lock screen without the need to enter

the passcode. And since Siri responds to any voice, whoever gets their hands on the phone will be able to use it.

iPhone 4S Siri

We tried this on an iPhone 4S this morning and managed to

send text messages and emails to various people from the contacts list of the ‘locked’

iPhone. We were also able to draw up a list of upcoming appointments and times

from the phone’s calendar.

This means that anyone who leaves their iPhone 4S unguarded

for any length of time could be leaving all their contact and calendar

information open – not to mind being at the mercy of pranksters looking to send

‘funny’ emails and texts from the phone.

iPhone 4S Siri

There is an easy way to solve the problem however. Go to

Settings/General/Passcode Lock on the iPhone 4S and switch Siri from On to Off.

That way Siri cannot be used when the smartphone is locked with a passcode.

Why Apple chose to have the default setting for this as On

is a mystery, but it should be noted that Siri is still in beta and when the

final product does emerge it will possibly have more strict security.

“They could have chosen to implement Siri securely, but

instead they decided to default to a mode which is more about impressing your

buddies than securing your calendar and email system,” said Graham Cluley, senior

technology consultant at Sophos.

The first TV ad for Siri has been released (see above) and

shows a world where the iPhone 4S could become your best friend. In reality

Siri doesn’t work as flawlessly as Apple would have you believe, especially

here in the UK

where it cannot access any location data.

Source: Naked Security