Tag Archives: iPhone

A Conspiracy Theory About Apple’s Assistant Siri :)

 

On April 5, 2016, Apple showed the world that the Siri permissions (Siri access levels to your iDevice) can be changed remotely at any time, server-side:

Via @washingtonpost:  An Apple spokeswoman confirmed that the bug was fixed Tuesday morning. Most consumers should have a fix in place – without the need for a software update.

Over time, Apple has quietly prevented several Siri  “features”  by server-side, remotely, so at any time can be opened and closed again, in case of… , without your knowledge, and you would never know.

Even, server-side Apple can give Siri unrestricted/unlimited access to our iDevices; an “authorized” person could get full access to any iPhone in the world by asking Siri with a specific secret voice command that could be changed at any time.

Could Siri be used like a backdoor?

Still at present,  Siri shows all reminders and events in calendar, and allows add, modify and delete, without asking for passcode.

 

 

Would not you like to keep private your tasks, dating, medical appointments … no losing the power of Siri on lockscreen?

I think would be great a handful of switchers on Settings – (Touch ID &) Passcode – Siri ; We could choose what Siri does and what not when our iDevice is passcode-locked, gaining privacy without giving up Siri on the lockscreen.

 

Advertisements

Siri helps, also to hijacking your WhatsApp.

If ask Siri your contact phone number, or by typping *#5005*74663# in the emergency dialer from the lock screen, in a few minutes, anyone with physical access to your iPhone (or remotely by accessing your voicemail) can take control of your WhatsApp account, without knowing your passcode, and thus obtaining from the groups the phone number of participants and …

If someone steals your device and knows your phone number, can hijack your WhatsApp by installing it in another device and asking for the verification call. Each new login increases the timeout to you can get back your WhatsApp, therefore, depending on how many consecutive logins made before you recover your phone number, your WhatsApp could get hijacked for minutes or several days.

And, once the attacker has taken control of your account, what if the process is done with WhatsApp Web, just to spy?

WhatsApp should use a more secure login?? … a two-step verification, or configuring a security question in the first login, or a PIN code, or that besides the phone number, ask for an email or something else… What do you think? How would you feel if someone hijacks your WhatsApp for a few minutes …or days?

( I think mostly instant messaging apps need a 2-step verification process and longer waiting time to proceed with the verification call. )

If your iPhone is misplaced, I think better not having Siri enabled on lock screen; the bad side is that you are discarding (among many other great things that Siri can do for you) the possibility that whoever finds your iPhone can give it back to you asking your information to Siri, but someone asking Siri could get much more than the owner’s identity.

Siri reads all notifications aloud, even those that you had blocked in the lock screen, allowing for example the person who steals your iPhone can check a SMS/Mail verification code to login in your WhatsApp / Line / Telegram… or any other online service, from another device.

Also, maybe you have apps that could show private or sensible notifications on lock screen, so maybe you would like to disable “Show on Lock Screen” for a particular app in Settings – Notifications, and even turn off the “Notifications View” in Settings – (Touch ID &) Passcode, for Not allow access when locked, but if ask Siri, will read all notifications aloud, including which are not allowed on the lock screen.

( I think would be great a handful of toggles on Settings – (Touch ID &) Passcode – Siri ; We could choose what Siri does and what not when our iDevice is Passcode Locked, gaining privacy without giving up the power of Siri on lockscreen. )

Recommended Read: “How Easy Is It To Hijack A Whatsapp User’s Account?” (by Kevin Costain) http://blogging.cwl.cc/2013/02/how-easy-is-it-to-hijack-a-whatsapp-user-account.html