Apple's IPhone 5s comes with the much-awaited Touch ID fingerprint sensor for biometric authentication, however a recent video by a security research group has revealed how easily the lockscreen, which is protected by a pass code, can be bypassed by using Siri in its iOS 7.1.1 update.
The video shows how Siri will tell you to access the contacts list of the Apple iPhone 5SWhere to buy 19999 21946, make phone calls, send text messages, all without even unlocking the smartphone. Siri would easily let you bypass the fingerprint scanner/touch id or even the 4-digit pass code to call someone on your contact list. However, Siri will ask you to unlock the phone if you ask it to show you the contacts list.
Apple is yet to respond to the latest flaw. Although it has rolled out fixes for each of its lockscreen bypass tricks in the past. Sherif Hashim, who found the bug, suggested that users should disable Siri from lockscreen, to protect themselves. The bug also affects other devices running iOS 7.1.1, but it is not clear whether any other iOS versions are also vulnerable.
Here the video showing Siri in action.
Apple iOS 7.1.1 update was released last month and security researchers have already found a host of bugs in it. Last month, security researchers reported that the iOS 7.1.1 update comes with a bug that prevents email attachments saved on the device from being properly protected with encryption. Apple has responded by saying that they were aware of the issue and a fix is on the way. Apple stated, "We're aware of the issue and are working on a fix which we will deliver in a future software update."
Source: Sherif Hashim YouTube