Passcode

Early this morning, we told you about a new iPhone 6s passcode bypass vulnerability that allowed handlers to access photos and contact details without needing to verify with a passcode or Touch ID. The Lock screen vulnerability was made possible by Siri, and let users bypass the security provided by the Lock screen passcode and/or Touch ID.

If there’s a positive spin to put on such a vulnerability, it’s that fixes can be implemented server side without the need for an iOS update. Apple today has fixed the passcode bypass method by forcing Siri to request your Lock screen passcode whenever a user tries to search Twitter via Siri while at a secured Lock screen

If you ask Siri to “Search Twitter” while at the Lock screen, you’ll now receive a response that says “you’ll need to unlock your iPhone first.” Previously, Siri would simply ask what the user would like to search for. The fix, which was apparently implemented sometime today, prevents handlers from accessing sensitive photos or contact information without first entering their passcode.

It also seems that Apple has fixed another bug, one much less nefarious, which let you activate Night Shift Mode while Low Power Mode is enabled. That trick, too, relied on Siri. Now, when you ask Siri to enable Night Shift while Low Power Mode is enabled, you’re met with a response that says: “In order to turn on Night Shift, I’ll have to turn off Low Power Mode. Shall I continue?”

Night Shift Passcode Fix

Previously, users were able to enable both Night Shift and Low Power Mode by means of Siri.

Thanks to Gary and Peter for the tips.

FTC: We use income earning auto affiliate links. More.


Check out 9to5Mac on YouTube for more Apple news:

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

About the Author