"Whoops" - someone in Apple's iOS department. Probably.
After the roll out of the latest iOS 9.3 update saw hundreds of thousands of iPhone and iPad users encounter serious operating issues, Apple duly responded with a 'fixed' iOS 9.3.1 patch.
However, the updated update has been shown to have a serious security flaw for iPhone 6S and 6S Plus users: anyone can access your contacts or photos by sweet talking Siri with a few simple instructions.
Spotted by YouTuber Videosdebarraquito, the trick works by exploiting the 3D Touch screen functions. See it demoed above, or try it yourself with the steps below (so long as you've downloaded the latest iOS):
- Talk to Siri, either with the home button or by saying "Hey Siri"
- Ask Siri to "Search Twitter"
- In response to Siri asking what to search for, say "@gmail.com" or end of any email address
- When Siri returns a list of results, go for a tweet with a full email address
- Click and hold the email address in the Tweet, engaging the 3D Touch window appears
- Click "Add new contact". Now, this will allow you to access all of the phone's contacts when you hit "Add to existing contact" - which it shouldn't. But you can wiggle further under the skin of the iPhone as well: tap the contact photo box and you'll be able to see all the photos on the device
It's a menu exploit that reminds us of this epic exploit that used to exist on PCs running Windows 95. Ah, the memories...
