Security Flaw in iOS 9.3.1 Allows Access to Contacts and Photos Without Passcode [Video]

A security flaw in iOS 9.3.1 allows access to your contacts and photos without entering a passcode. The vulnerability was discovered by Jose Rodriguez.

The procedure involves using Siri to initiate a Twitter search then using a 3D Touch gesture on contact information to bring up the Quick Actions menu. Tapping Add to Existing Contact brings up your full contact list and adding a photo to the contact brings up your entire photo library.

To protect yourself from this security flaw, you can turn off access to Photos and Twitter for Siri. This can be down from the Settings -> Privacy ->Photos and Settings->Privacy->Twitter menus.



blog comments powered by Disqus
Octofinder Blog Catalog