Security hole in iPhone 4S allows Siri to access password protected phones
October 19, 2011 By Mike Dunn
inShare0
Siri-iPhone-4S-Assistant
The personal assistant built into every iPhone 4s might leave your locked phone vulnerable. Even with a password protected phone Siri is able to send emails and text messages by default.
Everyone seems to love Siri, the friendly personal assistant built into the latest Apple iPhone 4S. People might not love her as much if they knew that she can leave your phone vulnerable. Security company Sophos has uncovered a security hole around Siri that allows people to use your phone even if you have a screen lock.
If you don’t know what Siri is yet, here is a quick crash course in everything you need to know. In the iPhone 4S default settings Siri is configured to function even if the screen is locked. This means that if you need to make a quick call to your friend, or shoot off a text message that you will be late to a meeting you don’t have to waste time unlocking your screen to do those simple tasks. The problem comes when an owner has a lock screen they can still access Siri, and her wealth of knowledge.
From a locked iPhone 4S anyone can access Siri and ask her anything you want, and she might even surprise you with some funny responses. You can also send emails and text messages from a locked iPhone 4S. You will need to know the name of the contact you are trying to message, but you are able to communicate through a locked phone. You are not able to launch any apps, or get information about contacts while the phone is locked.
The cause of this security hole is due to the default setting allowing Siri to work even with the protected lock screen up. To change this setting you simply have to go to setting, general, and then Passcode lock on your iPhone 4S. Once there you want to make sure Siri is turned off.
It is a little surprising to see that Apple even has the option to have Siri function when a password protected lock screen is up, let alone make that the default option on every phone sold. If you are an iPhone 4S owner make sure you change this setting in your phone, and if you know someone who owns an iPhone 4S now is your chance to send out funny emails on their behalf.
Originally posted by E2EK1EL
1) Settings> General > Restrictions
(You guys are getting really lazy)
2) Yes, add $200.00 with no data for HUP or sign a data plan and cancel for $200.
(Posted before)
I'm not lazy... and I know about those settings. Perhaps I was too lazy to see if the restrictions settings allow the user ONLY WIFI (and not 3G) access to a particular app.
Perhaps your lazy eyes misread, "Is there a way to RESTRICT apps like YouTube from using 3G and ONLY USE WIFI?"
I don't want to completly restrict an app, just the conditions which it can be used.
E2EK1EL
quote:
Originally posted by Prometheus Xex
I'm not lazy... and I know about those settings. Perhaps I was too lazy to see if the restrictions settings allow the user ONLY WIFI (and not 3G) access to a particular app.
Perhaps your lazy eyes misread, "Is there a way to RESTRICT apps like YouTube from using 3G and ONLY USE WIFI?"
I don't want to completly restrict an app, just the conditions which it can be used.
You have no choice, but to restrict the app entirely regardless of the 3G and Wifi data connections.
Also, you should know this answer by now since you've been using the 3GS since 2009, two years of using the world's easiest OS w/ the tightest lockdowns and etc ... You ask the most self explanatory about apps and functions which is not possible._
You should really move on to a different ecosystem dude, since you're so displeased with Apple's devices._
I can also quote all your lazy questions from day one if you like?
Prometheus Xex
quote:
Originally posted by E2EK1EL
Also, you should know this answer by now since you've been using the 3GS since 2009, two years of using the world's easiest OS w/ the tightest lockdowns and etc ... You ask the most self explanatory about apps and functions which is not possible._
Man WTF did I do to get this dished to me... ask a simple question? Is basically asking if you can block an app from using 3G that ridiculous as to get these type of answers? All you had to do to reply was saying something like, "As far as I know there's no method of restricting 3G access". That's it! So simple. Instead you try to talk down to me with such a condescending attitude.
What I'm asking for is basically the opposite of 3G Unrestrictor, and if something like that exists. Can you imagine the many parents who have given their teenagers iPhones with limited data plans need such functionality as what I want? Even ppl like my wife or my brother-in-law (and many others like them) who don't pay attention to whether or not their on WiFi blowing away the small data plans they've been allotted. Not everyone would shell out $25/mo when they want to receive small things like emails 'n such for the 100MB $10 plans that are available. A 3G Restrictor would suit many of these peoples needs for sure.
E2EK1EL
quote:
Originally posted by Prometheus Xex
Man WTF did I do to get this dished to me... ask a simple question? Is basically asking if you can block an app from using 3G that ridiculous as to get these type of answers? All you had to do to reply was saying something like, "As far as I know there's no method of restricting 3G access". That's it! So simple. Instead you try to talk down to me with such a condescending attitude.
What I'm asking for is basically the opposite of 3G Unrestrictor, and if something like that exists. Can you imagine the many parents who have given their teenagers iPhones with limited data plans need such functionality as what I want? Even ppl like my wife or my brother-in-law (and many others like them) who don't pay attention to whether or not their on WiFi blowing away the small data plans they've been allotted. Not everyone would shell out $25/mo when they want to receive small things like emails 'n such for the 100MB $10 plans that are available. A 3G Restrictor would suit many of these peoples needs for sure.
You make zero sense here, ppl want unrestricted 3G access for the longest time and you want restricted the 3G due to a data over usage that's caused by the user and also can be avoid in the first place?
My first bill on the IP4 was 790mb, that's an extra $8.70 and I've never surpassed 320mb in the past. You didn't see me complain about it? It's even more simple to deal with it; adding more data to your plan or limit your usage for certain app or functions. Soon 6GB won't be enough if the iPhone goes LTE in the next few years.
I've warned all you guys here since 2010 about how much data iOS4 and future iOS versions will be burning even more data. The more functions added and the faster the hardware pushes, you will soon see how much your bill increases each year. Anything lower then a 1GB is pretty much limiting your true enjoyments and usage of the iPhones from now on. Take a look @ iCloud, look how much data access it needs for each function.
Almost every question you've asked from day one, has been answered by someone here. Either from a previous post or an article that's been posted by a blog site. Every time you've done your bitching; it has proved nothing at all, no one else here has needed the function you complained about. Apple ain't gonna do anything about it nor will anyone from Cydia gonna create an app for such minor importance's. The worst case of your bitching I've caught a couple of times, is when you haven't done the homework at all and the function you were seeking was found on stock firmware that came straight from Apple or from an app from the AppStore. Think about this, making a toggle switch for every single system function within iOS will just make iOS cluttered and messed up like Android. In fact, Apple is starting to shrink the toggle switches from now on and here's the example.
You also make zero sense where you're constantly bitching about Apple this and Apple that, why can't the phone do this and that ... it's so simple and once again I have to rely on Cydia for these simple functions. The most ironic part of all this, you still continue to the buy the IP4 when you've damaged your 3GS due to spilling some soft drink and caused water damage. If you really need all those functions and toggles switches, why don't you start developing apps on Cydia which you think the iPhone really needs? Then you can have valid reasons to bitch and you've done something about it to solve your problem.
I suggested you to move on to Android or Windows a long time ago, since you're so displeased with the iPhone time and time again. Android's newest firmware, ICS is gonna have this function you're asking for ...
LightsOut
quote:
Originally posted by E2EK1EL
You make zero sense here, ppl want unrestricted 3G access for the longest time and you want restricted the 3G due to a data over usage that's caused by the user and also can be avoid in the first place?
Well HE wants to restrict his 3G and has a valid reason why its beneficial for him, who are you to tell him what he should and shouldn't do with HIS phone.
If you can help him out with his questions, then feel free to do so, but don't be some condescending elitest just because he doesn't spend every second on iphone forums like you do.
quote:
Originally posted by Prometheus Xex
I'd suggest asking for help on another forum if the E2EK1ELhomo attitude is getting to you, its his way or the highway around here apparently. :rolleyes:
E2EK1EL
I'm not telling him how he should use his phone, I'm giving him the truth of what's been happening and what's the future road map looks like, judging from how Apple manufactures their devices, services and ecosystem. Sorry to tell you, nothing is moving backwards and only forward with data consumption with Apple. Many apps had tried to cut back in data consumption, but it just doesn't work for the end user experiences (For example, Opera Mini) and that's how it is over here.
If you haven't noticed my so called "elitist attitude" towards some individuals here, many others like myself had done so much "homework" to help ppl here and while some users here had the exact same time frame of using the iPhone still lack the knowledge. Due to their lazy'ness and etc, which is just unacceptable. These are the same ppl who get trolled on and have no idea what's going on nor do they have the ability to defend themselves since their labeled as "sheeps". Maybe I'm a little too hard on ppl, but it's the only way a community can be strong and united together. Helping the ones who deserve it and have potential to understand future road maps. IMHO: I'm not even close to where I want to be, nor am I even close to being an elite in my books and I still have a lot to learn, but I expect ppl to move forward instead of idling there being spoon feed all the time.
Sorry to tell you, I don't browse any iPhone forums anymore and stopped that about two years ago. Only type of forums I'm on nowadays in regards of phones; are the ones dedicated to our Canadian Telecom, which is quickly relied here to help us cut back on our insane bills.
Maybe he should Google his question before posting it up her for help; I'm sure that's a better way to find his answer, it works 90% of the time for everyone.
LightsOut
quote:
Originally posted by E2EK1EL
Maybe he should Google his question before posting it up her for help; I'm sure that's a better way to find his answer, it works 90% of the time for everyone.
For sure, he easily could use google. But we have an iphone thread on TOTA for the benefit of this community, why not just help him out with a simple answer.
Kudos for taking the time and energy to fully understand your device, but a lot of people don't care to inform themselves on the intricacies of iphone modification and personalization. They just want their phone to work. Shouldn't we be passing on our knowledge, instead of belittling a fellow TOTA who isn't as informed on these issues?
E2EK1EL
Motorola RAZR open for unlocked bootloader business, if the carrier says so
Promises, promises. Motorola wasn't exactly fibbing when it said all future phones would ship with unlockable bootloaders, as it appears they will. There's just one teensy obstacle impeding the joy of ROM flashers worldwide: it's up to the carriers' discretion to keep it that way. In a chat with AusDroid, Moto's VP of Enterprise Mobile Devices, Christy Wyatt, revealed that the RAZR would indeed be the OEM's first device to ship with a software unlock. Unfortunately, as in the case of the DROID variant, operators like Verizon have chosen to put the smack down on any custom hackery, citing the typical concerns over security. But it's not all grey wireless skies, the handset's global version will ship with the code on board, so your best bet for CM7 and MIUI looks to be an off-contract option. Or, you know, there's always that Big Red Galaxy Nexus.
(Android, why do you let the carriers touch your ? They should only teaming up with you for compling the carrier builds)
E2EK1EL
I don't think you've noticed what I've been doing for almost the past two years here? I haven't been jailbreaking and moding my device much anymore. In fact, I've been trying to convert ppl to stay stock and learn why Apple has made certain things the way it is and to get things to working when problems occur.
Just like many things, I do explore both sides of stock and jailbreaking to see the importance of both ends. I'm also learning every ecosystem of all platforms of the industry and what direction things are going, it's not strictly Apple all the time and there's a reason why I post a lot of non Apple related topics, which you think I'm out to bash your ecosystem directly. (If that was the case, I should be jumping over to your thread and start attacking you guys with all the negativity of RIM in the recent news. Which in fact many you guys had done a lot over here in the past when Apple was starting out the iPhone) You have to understand everything of everything to know how good or bad you have things, before one complains.
It wasn't me that always snapped on him, there have been a few others too. It's doesn't make any sense to stay in a ecosystem which doesn't suit your needs and yet he stays and continues to criticizes a platform that will never be a open source. He doesn't seem to care to find the answer before asking here, judging from his posts over the last two years. It's never a simple answer for him, because its impossible for any legit & non legit developer to address the problems he has and we have to hear the negativity afterwards which gets a little too much for me and a few others. Sometimes it's even been covered here, a quick search could help answer his questions which may had been covered.
Another thing I don't think you've noticed here also ....
Towards the new users; I've always been extra helpful and in the past I've been at the bottom which I had no idea at all. I was lucky I had a few ppl that guided me and pushed me to understand the previous ecosystem I was in. It made me the person I am now today.
There's a point in time where the new users had passed and grown out of that level. They should try to seek and do their own research, regardless if here in this 500+ page thread or by searching on Google. I may seem pretty cold to some ppl, but idling and being spoon feed for so long doesn't seem to help the community at all.
I can list many users here who had been using the iPhone for same or even shorter time frame, that has surpassed me with knowledge about our ecosystem. They invested their time, did their homework and I have nothing but respect for these individuals.
Indeed everyone learns differently in here, but it makes no sense to continue stay here and on your own ecosystem every time. Especially when you know from day one, it's the most strictest and closed platform in the industry.
E2EK1EL
Slide to Unlock - Patented
The United States Patent & Trademark Office this morning issued a patent grant to Apple pertaining to the familiar Slide to Unlock gesture. Remember, the now ubiquitous sliding move debuted on the original iPhone as a fun way to keep your device secured while in your pocket. “To unlock the phone, I just take my finger and slide it across. Wanna see that again? We wanted something you couldn’t do by accident in your pocket. Just slide it across – BOOM.”, Steve Jobs said entertaining the invitees at the phone’s unveiling in January of 2007.
The iOS chief Scott Forstall is credited as one of the inventors, in addition to Apple engineers Imran Chaudhri, Bas Ording, Freddy Allen Anzures, Marcel Van Os, Stephen O. Lemay and Greg Christie. Apple actually filed a patent application in December of 2005, a little over a year ahead of the iPhone introduction at the Macworld Expo. Of course, the work on the iPhone had begun a few years earlier.
It’s a bit silly, really, but blame it on the patent system. Be that as it may, nobody now gets to use the popular ‘Slide to Unlock’ without infringing on Apple’s patent. The company explains in the granted patent document:
A device with a touch-sensitive display may be unlocked via gestures performed on the touch-sensitive display. The device is unlocked if contact with the display corresponds to a predefined gesture for unlocking the device. The device displays one or more unlock images with respect to which the predefined gesture is to be performed in order to unlock the device. The performance of the predefined gesture with respect to the unlock image may include moving the unlock image to a predefined location and/or moving the unlock image along a predefined path. The device may also display visual cues of the predefined gesture on the touch screen to remind a user of the gesture. In addition, there is a need for sensory feedback to the user regarding progress towards satisfaction of a user input condition that is required for the transition to occur.
To learn more about this patent, just go to the USPTO search engine, click the Number Search below the Patents section and type in the patent number 7657849. To see Jobs introduce the Slide to Unlock gesture to the world for the first time, fast forward to mark 15:30 in the clip embedded below.
Conan drops some reality on the Siri commercial
E2EK1EL
RIM faces class-action lawsuit over BlackBerry outage
MONTREAL — BlackBerry users still fuming over a service outage earlier this month could be part of a proposed class-action lawsuit seeking refunds for the downtime.
Montreal-based law firm the Consumer Law Group Inc. says it has filed a nationwide class-action suit against the smartphone’s developer, Research In Motion.
The lawsuit needs to be certified by a judge as a class action before it can go forward.
The suit claims that RIM failed to directly compensate BlackBerry users, who pay monthly data fees to wireless carriers.
Consumer Law Group claims that RIM also failed to arrange for service providers like Rogers, Bell and Telus to provide refunds.
The suit covers the BlackBerry outage which occurred around the world from Oct. 11 to Oct. 14, affecting some user emails, BlackBerry messenger service and Internet.
iPhone 4S launch drives record number of BlackBerry trade-ins
Gazelle, a website that specializes in buying, selling and recycling gadgets, said on Tuesday that BlackBerry trade-ins recently reached an all-time high. Speaking with CNET, Gazelle chief gadget officer Anthony Scarsella said his company saw a “spike” after Research in Motion’s recent BlackBerry service outage, which spanned three days in some areas, but that Apple’s latest iPhone is mostly to blame for the surge. “In the grand scheme of BlackBerry [trade-in] growth over the past month, it can be pretty much entirely attributed to the launch of the iPhone 4S,” Scarsella explained. Additionally, Android trade-ins jumped 72% during the past month, the majority from Sprint customers, although Scarsella said he couldn’t put his finger on an exact event that caused the increase.
Apple’s Newsstand causes surge in magazine subscriptions
Apple’s Newsstand application, which allows iOS 5 users on the iPhone, iPad and iPod touch to subscribe to and purchase magazines, has resulted in a surge of magazine subscriptions. According to paidContent, Condé Nast recently said its weekly subscription sales for nine of its digital magazines (Allure, Brides, Glamour, Self, GQ, Golf Digest, The New Yorker, Vanity Fair and Wired) increased 268% since the storefront made its debut alongside iOS 5. In addition, sales of single issues surged 142% in comparison to the eight weeks prior to Apple’s launch of Newsstand. “Putting all the magazines in one place just makes the most sense, in terms of allowing easy discovery for consumers,” Condé Nast executive vice president Monia Ray told paidContent. “Furthermore, the update from iOS 5 is terrific, especially the background loading. We have a lot of features embedded in our titles and they take time to load. Background loading helps ease the wait-factor. But for the most part, before, the App Store represented a wide-ranging bazaar. Now, it has clear aisles to make it simple for consumers to browse.”
Apple in talks to power North Carolina data center site with solar farm
Apple’s massive billion-dollar North Carolina data center, which received a failing rating in a Greenpeace report earlier this year, may soon be powered by a solar farm. The Charlotte Observer recently uncovered permit plans from North Carolina’s Catawba County that show Apple’s intentions to adjust the terrain on a 171-acre plot across from its data center. The plans are titled “Project Dolphin Solar Farm A Expanded” but they do not discuss the solar farm itself. Instead, they detail roads, erosion control and a strategy to avoid disturbing local streams and the local environment with construction work. Apple has yet to apply for a building permit for the site, but more information will likely be revealed if it does. This is not Apple’s first foray into eco-friendly power; its facilities in Austin, Texas; Sacramento, California; and Cork, Ireland already run on 100% renewable energy. The Cupertino-based company currently relies on coal and nuclear power from Duke Energy to run its North Carolina data center.
