The art of taxation consists in so plucking the goose as to get the most feathers with the least hissing - Jeane Baptiste Colbert
A RESEARCHER HAS DISCOVERED an exploit in iOS 7.1.1 that allows hackers to bypass the iPhone's lock screen to send a text, email or call contacts simply by activating Siri.
Egyptian neurosurgeon and part-time white hat hacker Shefif Hashim discovered the glitch earlier this week and posted a Youtube video (below) detailing the steps of the iOS exploit.
In the video, Hashim first tried and failed to unlock an iPhone 5S using its built-in fingerprint sensor, showing that the phone was locked. He then activated Siri and tried to access the iPhone's contact list by barking "Contacts" at the digital assistant, but Siri responded by saying, "You'll need to unlock your iPhone first."
Hashim went on to show how easy it is to skirt around Siri's advice, and instead asked the assistant to "Call", which prompted Siri to ask "With whom would you like to speak?" - allowing Hashim, and anyone else aware of the flaw, to search the iPhone's contacts list.
It is thought that this exploit can be replicated on any iPhone 5S handset running iOS 7.1.1, and while it doesn't give hackers access to other areas of the handset, this flaw likely will have some iPhone users worried.
Apple has yet to respond to the report, but likely will patch it in a future software upgrade, much like it has with similar exploits.
Earlier this year, for example, it was uncovered that by using a precisely timed sequence of keypresses, hackers could easily bypass the lock screen in iOS 7 to access a user's personal information.
This year it was also revealed that a glitch in Apple's iOS 7 software allowed hackers to easily disable Find My iPhone without having to enter a password. µ
Sign up for INQbot – a weekly roundup of the best from the INQ