iPhone 4S ships with Siri-related security threat

By on Oct 20, 2011 at 3:15 PM
mobile October 20, 2011

Siri, secure yourself. If only that command worked; as it turns out, the popular virtual assistant feature on the iPhone 4S that allows users to schedule appointments, search the web, check the weather and more, may be a security threat to users who want to keep private information away from prying eyes — and ears. CNET discovered that Siri’s default security setting allows users to access the iPhone 4S feature even when the phone is locked. That means if you leave your iPhone in a cab, for example, a thief could easily access your address book, appointments and other personal information. Thankfully, there is an easy way to turn the setting off. Simply visit Settings and click General, then click Passcode Lock and toggle the option for “Allow access to Siri when locked with a passcode” to Off. The iPhone 4S will now require the the phone to be unlocked before it allows access to Siri. 

Read

Tags:
, , , , ,
74 Comments

Related Articles

  • http://twitter.com/GRZLA Grizzly Atoms

    Why would this by default be enabled?

    • Anonymous

      Hmmm, you’re comment is very well thought out and insightful.  Thank you for your contribution to this site.

    • Anonymous

      for a business person that might need to know his/her next appoint without “grab phone – power – unlock – input pin – use siri” and skipping to “grab phone – use siri”

      • http://twitter.com/GRZLA Grizzly Atoms

        What does this have to do with the fact that Apple has enabled by default an action that compromises your phone? Instead of defending the Church of Apple you should be outraged as a consumer. They had a choice to make either the default. 

      • Anonymous

        i wasn’t defending, i was giving a practical use. in apple’s eyes, they would rather showcase the feature by default before thinking of security. they are effin morons for enabling it by default. IT admins are going to have fits re-writing security policies.

      • IPwn

        Where you outraged when Androids Froyo OS allowed a bypass of the lock screen all together? Or did you defend it by saying “if you root the phone, you can edit the settings and fix it yourself”

      • Poo pants

        ROAR!  I’m outraged! 

      • Anonymous

        @d8ac14f569296235ca24bbe5c3028b59:disqus better check your diaper! calm down

      • http://profiles.google.com/dayton818 Andrew Dayton

        Great idea let me waste my life being mad at companies.  You can spend your life being outraged over petty things I’ll enjoy my gadgets, and live a happy life.

      • http://twitter.com/GRZLA Grizzly Atoms

        @368319004687df853351865584418d15:disqus I never had the Froyo issue you speak of. My only froyo device has been an HTC phone so by default it had the Sense lockscreen which is drastically different than the stock version. That issue wasn’t present in my phone, and if it was I would have been outraged. Just as any iPhone owner should be. There is a difference between being a consumer and sheep.

      • IPwn

        @Grizzly
        My point is (not you specifically) when fandroids tout they have a problem they just say oh I’ll root it and fix it an don’t address the issue. People could be outraged however this really isn’t a bug it’s a simple setting and this blog is making it out to be more of a “risk” then it is. If you are setting up a passcode on the 4s the setting shows on the SAME screen as the passcode at which point you shut it off. Literally, the toggle is right above where you turn the passcode on or off.

        Personally, I think this was done so you can give voice commands while driving without having to look or physically interact with the device.

      • Keymaker

        This is a non issue, that’s why the feature is in (beta) for. I really don’t understand what part of beta testing don’t people get. This is only a problem if you didn’t know Siri is a beta product which Apple made clear.

      • Anonymous

        On my phone (without the Siri gimmick): Grab phone – power – unlock with gesture – upcoming appointment calendar widget on home screen. Talking to my phone for the most simple of tasks is a complete waste of time and a privacy concern. 

      • Anonymous

        agreed. on my D2 i use ProLauncher widgets, best 5 bux i’ve ever spent on a phone app. also, you don’t wnat your phone shouting that your next appointment is to take your viagra pill in 15 minutes! ha.

      • Anonymous

        You have a proctolgist appointment: Wednesday @ 5pm. Wash your ass!

        —–>see where this is going<—–™®©

    • Anonymous Coward

      And that’s just the thing. I don’t think it is on by default.

      • Anonymous

        Siri is off by default or it was on my 4S.. Can’t speak for others

      • VanDangles

        It is off by default, you have to turn Siri on when you first set up the phone. I should know seeing as I only did it yesterday. As with all technology, if you don’t take the time to familiarise yourself with the device then you only have yourself to blame if you use it incorrectly.

      • http://twitter.com/GRZLA Grizzly Atoms

        It is enabled by default, I checked my girlfriends 4S after reading about this the other day on CNET. She doesn’t use Siri so I know she didn’t mess with the settings. It was definitely enabled by default.

    • Anonymous

       BGR, please show a video of this in action so I can see how it’s done and what information I can access… You’ve done it before…

      • Anonymous

        iBGR will not do that to the iphone. they only do that to the other phones.

  • http://www.twitter.com/wixostrix WixosTrix

    Silly iOS 5.  WP7 has the option to use speech commands when the phone is locked too.  It’s off by default though, and it also doesn’t ever tell you or display personal information.

    • Anonymous

      they might as well enable it by default its not a security threat when most of them still sitting in stock rooms

      • http://www.twitter.com/wixostrix WixosTrix

        I think people should just explore their phones when they get them, especially in the settings.
        Sent from my Windows Phone
        ________________________________

      • http://twitter.com/GRZLA Grizzly Atoms

        The problem is most consumers don’t do this. They buy the phone and just use it, and I would say those users are the majority.

      • Tzz

        Omg a security threat the lock screen is not enabled by default. Idiots get a clue

  • Anonymous

    wow …what a non story!

    • http://pulse.yahoo.com/_47W6CR65QNWSRIPYCFU4C6VXE4 I

      Except a major security hole is a story…

      crApple idiots…

    • Anonymous

      You have a proctolgist appointment: Wednesday @ 5pm. Wash your ass!

      —–>see where this is going<—–™®©

  • Anonymous

    Impossible,  It’s apple, it’s magical, it just works.

    • Anonymous

      You have a proctolgist appointment: Wednesday @ 5pm. Wash your ass!

      —–>see where this is going<—–
      ™®©

    • Anonymous

      …And continues to just work for the guy who just stole your iPhone

  • Bringit

    no biggie.

    • KCRic

      That’s what she said about your di*k

      • Bringit

        Androidnerds only talk about cocks and anal.  Very strange.

      • http://twitter.com/GRZLA Grizzly Atoms

        He never said anything about anal. What are you thinking about there buddy? Want to talk about it?

      • Adam McDonald

        Grizzly, perhaps he’s referencing other posts…. Just saying.

      • http://www.facebook.com/vokal.guy Táyò Salako

        Haha nice one

  • http://twitter.com/WaltPartlo Walter Partlo

    Revolutionary!!!!

    • Anonymous

      iMAGICAL …

  • Anonymous

    “Siri, what’s the best way to use a tAmpon?”

    • Poo pants

      To stop a nose bleed.  Or pre-diarrhea.

      • Anonymous

        rotflol!!!!!

        Ha-Ha-Ha-Ha-Ha-Ha-Ha-Ha-Ha-Ha-Ha-Ha-Ha……………………………………………………..Ha-Ha-Ha………..rotflol!

      • Anonymous

        Sorry for laughing so hard people. I just saw my penis in the mirror

  • broken monkey

    Siri, close your legs! You dont everyone to see your shy parts, do you?

  • Anonymous

    This DOES change everything.

    • Poo pants

      It changed my adult diaper

  • Anonymous

    Wow, a setting that makes the user experience better at the cost of making a portion of your info easier to figure out when locked?

    OH THE HUMANITY!

    How many people do you know know that don’t even use passcodes on their smartphone at all?

    • Jameson

      Umm, most people have jobs, at corporations, that have exchange security policies, that force your phone to protect sensitive corporate emails and such. Sounds like Siri may bypass that. Which could be really bad.

      But I forgot, there aren’t any exchange security policies at your high school.

      • KCRic

        I wouldn’t say *most*…

        Maybe a lot but far from most.

      • Typical Fruit Fan

        Siri just told me that most people should use Blackberries for corporate security, because corporations are boring and don’t deserve her.  Fruit fans sacrifice security for convenience, so the world is at our fingertips… we know the most important thing is to remember when your Dad’s birthday is.  That’s why they used it in the promotional photo seen above.

  • Anonymous

    I would imagine someone who is that worried about their security, and who went under Settings to turn on the lockscreen passcode, would have also seen the Siri option on the same screen. It’s rather obvious and spelled out clearly. You don’t have to scroll down to see it or anything.

    For those who don’t have a lockscreen code…well, they weren’t that concerned about security anyways so this isn’t an issue.

    • Anonymous

      You have a proctolgist appointment: Wednesday @ 5pm. Wash your ass!

      —–>see where this is going<—–™®©

  • http://profiles.google.com/dayton818 Andrew Dayton

    Most of the time I have been using Siri is from the lock screen so I really like that I don’t have to unlock it first.  I am glad they enabled this by default or I may have not known I could do it.  Carrying a smart phone just assumes the risk that someone could steal your data no matter how secure your phone is.  I can wipe the phone from iCloud in a couple of seconds if I really need to.

  • Applesucksfatties

     A security flaw?  from an Apple product?   Shut the front door!!

    • Anonymous

      Leave the back door open?

  • Bobdonhim

    Sigh….Apple does NOT care about your privacy…that’s why this happens.  Yet, the iSheep still buy their insecure crap.  Leave your wallet on a bench in the mall, it’s the same as using an iPhone.

  • Anonymous

    Eh, at least Siri can’t pull up your embarrassing photos and texts.

  • justin

    lol it wasn’t shipped with a security threat – apple gave you the choice to turn this option on or off – you just lost a subscriber – really was tired of all the bs iphone 5 rumors anyways, this is just icing on the cake for me 
    cya suckers

    • http://pulse.yahoo.com/_47W6CR65QNWSRIPYCFU4C6VXE4 I

      Wrong! During device setup when turning on the first time SIRI is activated

      • Anonymous

        Not really.  I had to enable it on my NEW phone.  For my fellow Goofans (aka Apple Haters) I bought the iPhone 4s just so I could throw it against the floor.  But before throwing it on the floor I had to activate it! :-)

      • justin

        Passcode lock is not enabled by default so the user has to go to the settings page to enable Passcode lock which just happens to be the same page that the USER can disable the Siri part.. Your own damn fault if you didn’t see that OPTION..

      • Anonymous

        I thought you were leaving?

  • http://pulse.yahoo.com/_47W6CR65QNWSRIPYCFU4C6VXE4 I

    This was reported by an IT firm in Australia a week ago, first day of release. CNET didn’t have anything to do with it

  • Ulysses Grant

    Apple is only concern about making its phone looks cool instead of protecting its customers.  Siri shouldn’t be enabled by default. 

    But then again…Fanboys always defend that anything made by Apple is secure.

    • Anonymous

      I know right?  Google knows it’s stuff.  Their only concern is selling our data.  We agree with that.  

      • Ulysses Grant

        Exactly, I believe Apple and Microsoft almost got into trouble by selling our data or tracking our location but then they denied it. LOL

  • Ulysses Grant

    LOL…

  • Guest

    The headline should read:

    > Take 2 seconds and switch the settings to “use Siri with lock or only unlocked”

    Done.   Does bgr know anything about using an iPhone???

  • Anonymous

    In the interest of fairness, I find it amusing that a story mentioning a security flaw on HTC Sense got little or no traction.  And yet, this story gets lots of nice fellow Goofans (aka Apple Haters) bashing Apple.  Remember, that our lord Larry Page wanted Steve Jobs to be his boss and our other lord Andy Rubin actually worked for Steve Jobs.  

  • Dofus

    Way to go BGR… A “setting” feature is not eligible to be reported as a “security threat” -DOFUS!!

  • zacamandapio

    But, but, but iOS is secure.  Much better than Android.
    Almost like BB OS.

  • Anonymous

    hahahahahahahah

  • Anonymous

    How about to include “voice recognition” so only the owner of the phone can use Siri?

blog comments powered by Disqus