A few hours ago I have posted the news on the decision of the Security firm Zerodium to pay a 1 Million Dollars prize for zero-day exploits and jailbreak for the newborn iOS 9.
Now I discover that it is quite easy to access user’s personal photos and contact list stored in the iOs devices running iOS 9. According to colleagues at THEHACKERNEWS, a hacker has found a method to access private data even if the mobile device is protected with a passcode or Touch ID.
The hacker explained that using the Apple’s personal assistant Siri it is possible to access data on the mobile device running iOS 9 less than 30 seconds.
Below the detailed instructions to bypass the passcode:
Below the video proof of concept for the trick.
Despite such kind of hack doesn’t match the “Eligibility / Conditions” announced by Zerodium, it is interesting to note that is quite easy to bypass the basic security measures implemented by the IT giant for its new born iOS 9
Waiting for a patch, iOS users can disable Siri on the lock screen by modifying the settings of the device from
Settings > Touch ID & Passcode
Once disabled, users will be anyway able to continue using Siri after unlocked their iOS 9 based device.
Edited by Pierluigi Paganini
(Security Affairs – iOS 9, hacking)