iOS 9.3.1 has fixed a bug when opening Safari links - another gap exists but still. Using Siri and 3D Touch can view all the photos on your iPhone even strangers.
iOS 9.3 further remains a problem child - after iOS 9.3.1 had fixed a link-Bug, a YouTube user has discovered a new vulnerability. The reports Daily Dot. The error is not nearly as obvious as the recent bugs in iOS 9.3, however, can properly exploited strangers access to all photos on the iPhone grant. The error is, however, only in the context of 3D touch and therefore only on the iPhone 6s and iPhone 6s Plus. The bow is to occur in all iOS 9 versions to iOS 9.3.1.
The steps that disclose the bug in the video, again to read along:
Without the iPhone with a PIN or fingerprint to unlock, Siri can be activated with the command "Hey Siri"
Then allowed Siri to Twitter Search
Search for the second part of an e-mail address such as "@ gmail.com"
Siri is a result, it selects a tweet that contains a complete e-mail address
Tap Tweet and then with 3D Touch open the pop-up window
"Add New Contact" key
When editing of the new contact you can now edit the photo box, select a photo and then is able to view all the pictures stored on the iPhone
How Daily Dot objecting to law, the bug of course requires considerable knowledge of the vulnerability. Furthermore, the iPhone asks for many users at the beginning of Siri search for "Twitter" well but after entering the PIN. After several repetitions you can search without entering the code but then also. To close the gap, you should disable access to Siri in lock screen under "Settings> Touch ID & code> Siri".
Siri is almost traditionally a vulnerability in iOS. So you could deal in iOS 9.0.1 the PIN with a Siri-question of time.
 |
| Eine neuer iOS 9.3.1-Bug erlaubt Zugriff auf alle Fotos. |
iOS 9.3 further remains a problem child - after iOS 9.3.1 had fixed a link-Bug, a YouTube user has discovered a new vulnerability. The reports Daily Dot. The error is not nearly as obvious as the recent bugs in iOS 9.3, however, can properly exploited strangers access to all photos on the iPhone grant. The error is, however, only in the context of 3D touch and therefore only on the iPhone 6s and iPhone 6s Plus. The bow is to occur in all iOS 9 versions to iOS 9.3.1.
The steps that disclose the bug in the video, again to read along:
Without the iPhone with a PIN or fingerprint to unlock, Siri can be activated with the command "Hey Siri"
Then allowed Siri to Twitter Search
Search for the second part of an e-mail address such as "@ gmail.com"
Siri is a result, it selects a tweet that contains a complete e-mail address
Tap Tweet and then with 3D Touch open the pop-up window
"Add New Contact" key
When editing of the new contact you can now edit the photo box, select a photo and then is able to view all the pictures stored on the iPhone
How Daily Dot objecting to law, the bug of course requires considerable knowledge of the vulnerability. Furthermore, the iPhone asks for many users at the beginning of Siri search for "Twitter" well but after entering the PIN. After several repetitions you can search without entering the code but then also. To close the gap, you should disable access to Siri in lock screen under "Settings> Touch ID & code> Siri".
Siri is almost traditionally a vulnerability in iOS. So you could deal in iOS 9.0.1 the PIN with a Siri-question of time.
0 yorum: