iPhone Users: Siri May Be Giving Your Personal Information Away Freely - ITS Tactical
 

iPhone Users: Siri May Be Giving Your Personal Information Away Freely

By The ITS Crew

siri-exploit-05

Most iPhone users are familiar with Siri, the bumbling and somewhat effective digital personal assistant included with iOS operating systems. For times when you need to set an alarm or make a hands-free phone call, Siri can be wonderful.

Unfortunately, many users may not be aware of how much personal information your friendly digital assistant will give out when asked.

Exploiting Siri’s Good Nature

This exploit plays on Siri’s want to have your phone returned to you if it’s ever lost. Apple definitely wants lost or stolen phones to be returned and has introduced a number of features to help recover them.

Before we get into the security risk in question, there’s a few other features I’d like to mention that can really help you out if you lose your iPhone. Find My iPhone is a fantastic feature that allows a you to lock down a lost or stolen phone, or even display a message on it to the person that may be in possession of your phone.

As great as the Find My iPhone feature is, there’s a hidden setting that can give out more personal information than you may want to in the event your phone is misplaced or stolen. That’s the contact information that Siri can summon from the lock screen by someone simply asking Siri who’s phone this is.

siri-exploit-01

For those of you that have access to Siri on your Lock Screen enabled, holding the home button down and asking Siri “Who’s iPhone is this?” prompts Siri to display the contact card you’ve selected as “You” on your phone.

Rather than just providing basic information to return the device, Siri displays the entire contact card, including all phone numbers, addresses, emails, websites, birthday and family members you may have stored there. I was a little shocked to discover that Siri would share this amount of information with someone without having the phone unlocked.

This means that someone could potentially grab your phone in public and ask Siri this question to access your personal information. Apart from them gaining information about where you live, consider the potential for identity theft with things like your full name, birthday and family members.

How to Stop It

siri-exploit-02

The best method to prevent this exploit is disabling Siri from the lock screen. There are a number of things that Siri can do from the lock screen that create a privacy concern. This includes sending text messages, providing calendar data/appointments and even making phone calls; all without unlocking the phone. You can disable access to Siri on the lock screen from the Touch ID & Passcode menu in your settings.

For those that just can’t do without Siri on the lock screen, consider creating a new contact card in your phone that contains only the information you want visible and then assigning that contact card as “You.” Keep in mind that apps that rely on the contact card for your Home and Work addresses, or other information, won’t function properly using this option.

siri-exploit-06

If you do choose to disable access completely, ensure that you create a Medical ID from the “You” contact in your phone, so someone is able to reach you in case you lose your phone. The Medical ID option is great because it allows you to specify what information is provided from the lock screen. While not having access to Siri from the lock screen might be a bit of an inconvenience, the increased security gained seems far worth it.

What are your thoughts? Do you have any other important iPhone security tips?

Are you getting more than 14¢ of value per day from ITS?

Thanks to the generosity of our supporting members, we’ve eliminated annoying ads and obtrusive content. We want your experience here at ITS to be beneficial and enjoyable.

At ITS, our goal is to provide different methods, ideas and knowledge that could one day save your life. If you’re interested in supporting our mission and joining our growing community of supporters, click below to learn more.

Discussion

14 comments
NikoleGoodrich
NikoleGoodrich

Technically this isn't even news worthy. If you do your due diligence on security with the phone you will not, I repeat, will not have these types of issues. Also; if people were even concerned- they wouldn't complain about "wanting" a simple passcode - which is a joke. Ya people need to change that to be longer - even if it's all numbers. If you have location services off - apps can't track you. So change it by drilling into the settings. Ya, it's an inconvenience to not have them on but ya shouldn't be surprised if this crap happens then.

Ryan
Ryan

I tried this, and Siri said she didn't know whose phone it was.  Then I asked her "who is (insert my name)".  She came up with my contact, and when I touched it, it went in to my contacts, completely bypassing my touch ID and pin.  


I decided to disable siri from the lock screen.  Thanks!!!!

corbs
corbs

Your friends will also have fun getting siri to send interesting texts to your friends...

Jouwen Lee
Jouwen Lee

Pearly Lim, Jocelyn Lim take a look

Kevin Lazar
Kevin Lazar

On the iPhone try settings>privacy>location services>system services>frequent locations. Take a poke around there and see that the iPhone tracks everywhere you go. When, where, and how long.

nick b1
nick b1

thats an awesome find, thanks!


Sebastien Leonard
Sebastien Leonard

Windows 10 demands access to your Facebook account to even function According to what i read

Jon Maxwell
Jon Maxwell

With the many local and federal agencies using stingrays, and the nsa doing their thing, assume any digital information is up for grabs.

Philip Harling
Philip Harling

So, if I leave my house open, people can come in and help themselves? \U0001f612

ScottWLovesYou
ScottWLovesYou

Is anybody really surprised at Apple's poor security anymore?

Dale Barrett
Dale Barrett

Good info, though if people want to know that I need to pick up bread and dry cleaning thats fine. As for directions.. well the phone tracks you even when it has "no signal" so Siri or not, people can find your frequent locations and the times your there.

Do you have what you need to prevail?

Shop the ITS Store for exclusive merchandise, equipment and hard to find tactical gear.

Do you have what you need to prevail? Tap the button below to see what you’re missing.