contador web Skip to content

IOS 9.3.1 flaw allows any user to access photos and contacts without needing the numeric password [atualizado: falha corrigida!]

The iOS 9.3 link crash has just been fixed and a new security bug has been found in iOS 9.3.1. THE YouTuber Jose Rodriguez yesterday published a video in which he demonstrates how to access photos and contacts from a device without having to enter the numeric password.

The fault allows any user to call the Crab on the Lock Screen either by the Incio button or by β€œE a, Siri?” and do a search on Twitter. If there is, in the search, any contact information such as an email, for example it is possible to press it with 3D Touch so that a menu appears with options to send email, modify or add a contact. From there, the user can browse the list of contacts and, when touching to modify a photo of the contact, access the photo library.

The bug appears on iOS 9.3.1 and, because action is required 3D Touch, only affects users of iPhones 6s and 6s Plus. According to the AppleInsider, this type of search can also affect WhatsApp.

To get rid of this problem, you can disable Siri from accessing Twitter and photos by going to Twitter Settings and disabling Siri; then do the same for the photos: Privacy Settings Photos and disable Siri. If you are not seeing these options, because Siri in Portuguese does not yet offer such types of integration. Because, from time to time there is an advantage in being left behind 😝

If you want to cut access completely, go to Touch ID and Code settings and turn off Siri in the "Allow access when blocked" area.

Update by Rafael Fischmann Β· 04/05/2016 s 14:49

Let's admit it: in this one Apple was * pretty * fast. The fault j has been corrected, and fortunately totally remotely by Apple. As Siri runs almost entirely directly on the company's servers, it managed to change the behavior of the command and now users really need to unlock their iPhones to have access to photos / contacts.

Let's wait for the next bug. 😜

[via Fortune]