Update: Because Siri’s operations can be fixed server-side, this exploit is no longer working. We tried to recreate it today, and it seems Apple has rectified the issue. You’ll now be asked to unlock the device first.
When a bug is squashed, another exploit tends to show up. After releasing a quick fix to keep the iPhone from bricking during Safari links in iOS 9.3, a video has surfaced showing a way to get into anyone’s photos or contacts through a trick of double-talk through Siri.
First spotted at the Daily Dot, Youtube user Videosdebarraquito shows how to unlock a 6s or 6s Plus with some circuitous talking and tapping — and not a single passcode. By searching through Twitter for an email address, the 3D Touch capability allows a user to tap directly into Contacts. And from there, it’s just an easy tap over to Photos.
Of course, if the phone is not 3D touch-enabled, it’s not doable.
While a fairly lengthy exploit that required a certain amount of knowledge to execute (namely, finding an email through Twitter), it’s doable. It seems that although the phone requires a passcode to access Twitter some of the time, at a certain point it stops working. From there, it’s all gravy.
Maybe time for another quick fix?
Get the TNW newsletter
Get the most important tech news in your inbox each week.