[mac4theblind] Fwd: [real-eyes] Has Siri left your iPhone 4S unlocked?
- From: David Hilbert Poehlman <poehlman1@xxxxxxxxxxx>
- To: mac4theblind@xxxxxxxxxxxxx
- Date: Thu, 20 Oct 2011 13:57:47 -0400
> -----Original Message-----
> From: real-eyes-bounce@xxxxxxxxxxxxx [mailto:real-eyes-bounce@xxxxxxxxxxxxx]
> On Behalf Of Steve Clark
> Sent: Wednesday, October 19, 2011 7:09 PM
> To: nut@xxxxxxxxxxxxx; real-eyes@xxxxxxxxxxxxx
> Subject: [real-eyes] Has Siri left your iPhone 4S unlocked?
>
> Please visit my blog
> https://blindbites.wordpress.com/
> Follow me on twitter
> https://twitter.com/#!/blindbites
>
>
> The following is from:
> http://nakedsecurity.sophos.com/2011/10/19/siri-iphone-4s-unlocked/?utm_sour
> ce=twitter&utm_medium=gcluley&utm_campaign=naked%2Bsecurity
>
> Has Siri left your iPhone 4S unlocked?
> by
> Graham Cluley
> on October 19, 2011 |
> Apple's new "Siri" feature, the voice-activated personal assistant built
> into the iPhone 4S, leaves owners' spanking new smartphones partially
> unguarded.
> Those of us who work in the security arena have often banged on about the
> importance of securing your smartphone
> with a password or passcode to prevent unauthorised access.
> Most mobile phone manufacturers have recognised that as so many people use
> their smartphones to manage their their diaries, their private
> communications, and their social lives, it's good to have some form of
> security.
> Which leaves Apple with some egg on its face regarding Siri.
> Even if an iPhone 4S is locked with a passcode, a complete stranger can come
> up to your smartphone, press the button and give Siri a spoken command.
> I borrowed a passcode-locked iPhone 4S from a colleague here at Sophos and,
> with his permission, was able to write an email, and send a text message. If
> I had wanted to I could have meddled with his calendar appointments too.
> iPhone 4S
> All without having to enter the passcode. I'm sure you can imagine some of
> the ways this could potentially be abused.
> iPhone 4S settings
> Fortunately there's an easy way for security-conscious users to disable Siri
> when their phone is locked.
> Enter "Settings/General/Passcode Lock" on your iPhone 4S, and make sure that
> the "Siri" option is set to "Off".
> That way Siri cannot be used when the smartphone is locked with a passcode.
> Which seems the sensible option to me in most circumstances.
> (In the case of the colleague's iPhone 4S that I borrowed, I might also
> suggest that he switch from having a "simple" numeric passcode to a more
> complex version too).
> What's disappointing to me though is that Apple had a clear choice here.
> They could have chosen to implement Siri securely, but instead they decided
> to default to a mode which is more about impressing your buddies than
> securing your calendar and email system.
> It's not as though Siri impressed me enormously anyway during my brief play
> with it. 30% of the time it misinterpreted what I was trying to say.
>
> --
> To subscribe or to leave the list, or to set other subscription options, go
> to www.freelists.org/list/real-eyes
>
>
>
> __________ NOD32 6558 (20111019) Information __________
>
> This message was checked by NOD32 antivirus system.
> http://www.eset.com
>
--
Jonnie Appleseed
with his
Hands-On Technolog(eye)s
reducing technology's disabilities
one byte at a time
************
You are subscribed to the mac4theblind mailing list.
The url for this list, where one can unsubscribe or make any changes to
their list subscription is:
//www.freelists.org/list/mac4theblind
The list archive is located at
//www.freelists.org/archive/mac4theblind/
All emails intended for the list owner can be sent to:
john@xxxxxxxxxxxxxxxxxx
Other related posts:
- » [mac4theblind] Fwd: [real-eyes] Has Siri left your iPhone 4S unlocked? - David Hilbert Poehlman
