▶ Apple
Siri PIN bypass discovered

Video shows simple to bypass PIN lock

A trivial way to get into a PIN-protected iPhone, running iOS9, without knowing the PIN at all has emerged which is available to anyone with physical access to the handset. Apples iOS9 had only been out for a week before a video appeared showing how it's done, making use of Siri and the onboard clock.

The way it works is to enter an incorrect passcode a few times, then tap Siri right at the same time as the final attempt, which gives access to other applications such as the clock. However, the clock gives the user the ability to share via SMS, which in turn means access to the users contacts, view photos etc.

Childs play

Jose Rodriguez has posted a video showing how simple the hack is:

This attack can't be used to toally unlock an iPhone - it's only the features exposed through the software such as the clock which is at risk. However, as can be seen, that's enough to lay bare some pretty sensitive information, as well as enabling functionality such as sending messages.

It's not been a great week for Apple. After it turned out the Chinese App Store had 4,000+ XcodeGhost infected apps, users are reporting problems with bluetooth and firmware update failures.

Until a fix is issued for this hack, iOS users are advised to disable Siri on the lock screen.