Siri security flaw uncovered
Default setting means Siri can be used when phone is locked
The default setting for Apple's new Siri personal assistant app for iPhone 4S allows much of the handset's functionality to be used even when the phone is locked.
The security worry means that anyone can pick up your iPhone and dictate texts, emails, make calls and have Siri list calendar appointments, while the 4S is passcode locked.
Siri - the little harlot - will also tell anyone details and addresses from your contacts book, but it can't open apps without unlocking the phone.
Dirty default
It's easy enough to atone for Siri's promiscuous behavior though, as you can turn her off in the Passcode Lock settings menu, but many users may not even realise that this is an issue.
Voice Control on previous iPhone models also allowed limited actions with the device in lock mode, but the sheer range of functionality on offer here is quite worrying.
Although it's easy to switch Siri off with the phone locked, it's somewhat surprising that Apple chose this as the default mode.
Graham Cluley of security giant Sophos blogged: "What's disappointing to me though is that Apple had a clear choice here.
Get daily insight, inspiration and deals in your inbox
Sign up for breaking news, reviews, opinion, top tech deals, and more.
"They could have chosen to implement Siri securely, but instead they decided to default to a mode which is more about impressing your buddies than securing your calendar and email system."
Via: CNET
A technology journalist, writer and videographer of many magazines and websites including T3, Gadget Magazine and TechRadar.com. He specializes in applications for smartphones, tablets and handheld devices, with bylines also at The Guardian, WIRED, Trusted Reviews and Wareable. Chris is also the podcast host for The Liverpool Way. As well as tech and football, Chris is a pop-punk fan and enjoys the art of wrasslin'.