Apple’s security as of late is as effective as a one-armed man clapping. Not only can anyone access a password-protected iPad if it has a Smart Cover, Apple’s new brainchild Siri can be used to pilfer personal information despite a passcode lock.
Damn You Siri
A fatal flaw in Siri was recently discovered, tarnishing the reputation of the iPhone’s newest claim to fame. The flaw allows anyone to access an iPhone via voice-activated commands despite screen and password locks, access that includes personal information. By hitting the home screen button a person, using Siri, could have access to texts, the calendar and other services — all without having to unlock the home screen.
Email luckily is not accessible, “the positive thing is that accessing some of the more sensitive services in this manner, such as email, is forbidden,” says Alan Goode of Goode Intelligence, a mobile security firm. “But I could still run up a pretty impressive and annoying phone bill if I had malicious intent and if Apple missed this pretty easy to find vulnerability then what other security threats are hiding in Apple’s latest mobile OS?”.
Users can protect themselves from Siri by manually disabling the option to enable Siri at the password lock. The default setting however makes users vulnerable and should never have been the default to begin with.
Seems like these days password protect means absolutely nothing to Apple and they are luring their users into a false sense of security. The newest blunder is for the iPad, which can be passcode bypassed by using a magnetic smart cover. The smart covers seemingly confuses iOS 5.
To open an iPad with smart cover while password locked you only need to hold down the power button until the iPad 2 slider turns off, you then close and open the smart cover and click cancel — voila!
Luckily the trick doesn’t give you full access, you can only view the applications that the user was using before they locked the device. This however includes email, the browser, messages and contacts.