Apple fixes Siri passcode bypass flaw and Night Shift + Low Power Mode trick
Also check out Apple Fixes Siri Bug Allowing Access to Photos and Contacts on Locked Device including a video.
Early this morning, we told you about a new iPhone 6s passcode bypass vulnerability that allowed handlers to access photos and contact details without needing to verify with a passcode or Touch ID. The Lock screen vulnerability was made possible by Siri, and let users bypass the security provided by the Lock screen passcode and/or Touch ID.
If there’s a positive spin to put on such a vulnerability, it’s that fixes can be implemented server side without the need for an iOS update. Apple today has fixed the passcode bypass method by forcing Siri to request your Lock screen passcode whenever a user tries to search Twitter via Siri while at a secured Lock screen
If you ask Siri to “Search Twitter” while at the Lock screen, you’ll now receive a response that says “you’ll need to unlock your iPhone first.” Previously, Siri would simply ask what the user would like to search for. The fix, which was apparently implemented sometime today, prevents handlers…
Read the entire article from 9to5Mac here: Apple fixes Siri passcode bypass flaw and Night Shift + Low Power Mode trick