Click to Skip Ad
Closing in...

Update your iPhone to iOS 16.1 right now to fix the dangerous ‘SiriSpy’ security flaw

Updated 4 weeks ago
Published Oct 26th, 2022 1:55PM EDT
SiriSpy flaw, update to iOS 16.1
Image: Guilherme Rambo

Early this week, Apple released iOS 16.1, iPadOS 16.1, and macOS Ventura to all users. While new features are always welcome, there’s another reason to keep your iPhone and other Apple gadgets updated. This time, updating to iOS 16.1 fixed a dangerous security flaw that exploits Siri to record your conversations, even if it might kick you off your Wi-Fi.

This SiriSpy bug was found by indie developer and 9to5Mac contributor Guilherme Rambo. According to him, “any app with access to Bluetooth could record your conversations with Siri and audio from the iOS keyboard dictation feature when using AirPods or Beats headsets. This would happen without the app requesting microphone access permission and without the app leaving any trace that it was listening to the microphone.”

Long story short, Rambo discovered that a DoAP service, which is used for Siri and Dictation support, was, in fact, listening to what he said through AirPods without needing to say “Hey Siri.” He created an app to test whether this issue was, in fact, occurring. Here’s what this app he created did:

  • Asks for Bluetooth permission
  • Finds a connected Bluetooth LE device that has the DoAP service
  • Subscribes to its characteristics to be notified of when streaming starts and stops, and when audio data comes in
  • When streaming starts, creates a new wav file, then feeds the Opus packets coming from the AirPods into a decoder, which then writes the uncompressed audio to the file
  • Once streaming stops, closes the wav file, then sends a local push notification to demonstrate that the app has successfully recorded the user in the background

In a real-world exploit scenario, an app that already has Bluetooth permission for some other reason could be doing this without any indication to the user that it’s going on, because there’s no request to access the microphone, and the indication in Control Center only lists “Siri & Dictation”, not the app that was bypassing the microphone permission by talking directly to the AirPods over Bluetooth LE.

Although a bit different, this SiriSpy issue also affected macOS users. Apple was able to fix this issue through a software update with macOS 13 Ventura.

Rambo said he discovered this flaw back in August. He informed Apple, which said the company was investigating. With iOS 16.1 out, the company offered a fix.

Don’t forget to update your Apple devices to the latest operating systems, as they offer a fix for Siri unwantedly spying on your conversations with AirPods.

You can read Rambo’s full explanation of this bug here.

More Apple coverage: Five reasons to update to macOS 13 Ventura now

José Adorno Tech News Reporter

José is a Tech News Reporter at BGR. He has previously covered Apple and iPhone news for 9to5Mac, and was a producer and web editor for Latin American broadcaster TV Globo. He is based out of Brazil.