1(630)802-8605 Ravi.das@bn-inc.net

The iPhone and/or the Samsung wireless devices have become literally a leash on our life, both in a personal and professional manner.  Just think about it – we use it to communicate with family and friends, and even do our daily job tasks on it.  Heck, there is no need to even go the office anymore – just use your iPhone!!

Because of the gravity of this, just imagine now what our life would be like if our iPhone or Samsung devices were either lost or stolen-we would be paralyzed with fear.

This has happened to me on numerous occasions, when I could not find my iPhone.  But luckily, I was able to back trace my steps and eventually find it (WHEW!).  The Android and the iOS are deemed to be amongst the most secure OS’s that are out there.

But truth be told, there are Security issues with them as well, of which I have also written about in my articles.  One them is the concept known as “Jailbreaking”.  This is where you try to hack into the iOS or the Android and try to get root level access.

We will cover this concept in a future blog.  But for now, it has been revealed that the iOS just came out with its latest Security flaw – or more, a so called “Privacy Bug”. Apparently, Siri can talk her head off and even read out confidential messages even when the iPhone screen is locked.  This bug was actually first discovered by scientific editors at the Brazilian website known as “Mac Magazine”.

But, the implications of this bug are much more serious than first anticipated.  For example, Siri can allow for unauthorized users of an iPhone device to be able to access private messages from third party apps such as Facebook Messenger, WhatsApp, Telegram, Skype, and Signal.  But interestingly enough, the iMessage or the texting component of the iOS has not been affected at all by this bug.

Apparently, it can also even read out E-Mail messages from Gmail accounts, including such things as the sender and even the subject matter. The good news is that this bug is only appearing in the iOS versions of iOS 11.2.6 and the beta version of iOS 11.3.  Mac Magazine has reported this glitch to Apple, and the company says that they are scrambling around to try to find a fix for it.

But until that comes out, here is a temporary workaround offered by Mac Magazine:

1) Turn off screen notifications for sensitive apps (Go to the app in Settings > Notifications > Show on Lock Screen).

2) Disable Siri whenever the device is unlocked (Go to Settings > Siri & Search > Allow Siri When Locked).

(SOURCE:  https://threatpost.com/apple-to-fix-glitch-allowing-siri-to-read-hidden-messages-out-loud/130721/).

Apparently this is not the only Security glitch that Apple has had to deal with.  When the iPhone X came out with its Face ID system (in lieu of the Touch ID system on the older generations of the iPhone), the system was the facial recognition system was spoofed when a 3D print mask of an impostor was created.  Also just recently, some of the tightly guarded iOS source code was  leaked to a hacking community.

As a Biometrics professional, this is the first I have heard of the Face ID system being spoofed.  But as far as my recommendations for securing your iPhone in general, limit your downloads to those apps that you absolutely need.  Yes, there are very convenient, but they can also pose a serious Security threat as demonstrated by Siri.