Monday, 25 January 2016

Siri Security Vulnerabilities - getting personal information from Siri when your phone is locked

I've recently been wondering about the security issues related to Siri. I know this has probably been blogged about before so I may be covering old ground however I just thought I'd discuss a few possible scenarios that can occur.

Siri can be accessed from the lock screen and allows several commands to be executed.

Though this is generally useful the scenarios I mentioned generally revolve around two problems.

You're in a bar with someone you don't know very well, and leaving your phone on the table the person can find out personal information in the short time it takes you to goto the toilet.

You lose your phone the person has plenty of time to get information from your phone including your home address.

The severity of the issue depends on your settings however you can try the following

Get directions to mum

Send a message to mum (allows them to appear to be you)

Call "Paul" or other common name

Give me directions home (this only works if you have assigned yourself an address)

What am I doing today?

No comments:

Post a Comment