Everything A Thief Can Learn About You Thanks To Siri's Security Flaw

dumbass siri

Photo: TiPb

We reported this morning on the fact that when you set up a passcode on your iPhone, Siri ignores it and remains active by default.Here’s what a total stranger can do with Siri on your supposedly locked phone:

  • Delete or change your calendar events
  • Find out where someone will be based on his calendar
  • Send a text message to anyone in your contacts
  • Send an email to anyone in your contacts
  • Look up any information about anyone in your contacts — your parents’ address, your girlfriend’s phone number (we were able to find one coworker’s father’s social security number)
  • Change defined relationships — TiPb shows that a prankster could easily instruct Siri to call you “Dumb arse”
  • Set and change alarms and reminders
  • Call anyone in your contacts

This is a big deal because it’s a security flaw by design. When you “lock” your phone with a passcode, it sets the reasonable expectation that it should only function for those who can properly unlock it. But Siri’s default setting is to ignore this. It’s not until you change the setting that Siri falls into line with the idea of a locked phone.

We know that at least a little thought was put into how Siri works on a locked phone — you can’t access past emails or text messages, for example — but its immediate functionality is still right there for anyone to take advantage.

Convenience is the enemy of security, and it seems you’ll have to choose between the two.

We reached out to Apple PR for a comment and they didn’t respond.

NOW WATCH: Tech Insider videos

Want to read a more in-depth view on the trends influencing Australian business and the global economy? BI / Research is designed to help executives and industry leaders understand the major challenges and opportunities for industry, technology, strategy and the economy in the future. Sign up for free at research.businessinsider.com.au.

Tagged In

apple siri tools-us