ST. LOUIS, MO. (KTVI)- A flaw in the Apple iOS 9 system enlists the phone's digital assistant, Siri, to bypass the system's lock feature. The glitch allows users other than the phone's owner to access photos and contacts on an iPhone 6S or 6S Plus, according to video demos.
The bug first surfaced on the internet in a video uploaded to Youtube by user Ideosdebarraquito and further detailed in a second video by YouTuber EverythingApplePro.
Scott Schaffer of Blade Technologies, Inc. spoke with Lisa Hart today to explain how the glitch works, and how you can protect yourself. For step by step instructions on preventing the bug, see below.
The flaw works by asking Siri to search Twitter, specifically looking for a result that returns an email address. On an iPhone 6S or 6S Plus, you then "force tap" on the email link to access the 3D Touch menu and choose the option to Add to Existing Contact, which provides access to all contacts. You can also choose to Create a New Contact and add a photo to that contact, which gives access to all photos.
The bug requires specific settings to be enabled, so it will not affect everyone. But the problem shows how difficult it can be for a company like Apple to test every possible scenario when releasing a new version of its mobile software. Bugs that allow someone to bypass the lock screen have been especially notorious since they defeat the whole purpose of securing a phone with a passcode.
If you own an iPhone 6S or 6S Plus, there are ways to protect yourself from this glitch. Go into Settings, choose the Privacy option, tap Photos and then disable the option for Siri if it appears. That will block access to Photos if someone exploits the flaw. However, it won't cut off access to your contacts. To fully protect yourself, go into Settings, choose Touch ID & Passcode. Enter your passcode. Scroll down and disable the option to give Siri access when the screen is locked.