As far as exploits go, this one’s pretty low-key. If someone knows the trick, they can have Siri read your messages, email, or post to your Twitter account. They can’t bypass the lock screen or actually get into any apps, though. This trick works on iOS 7.0 and up. Here’s how to do it:
- Turn off Wi-Fi from the Control Center (if you’re connected to Wi-Fi)
- Ask Siri a question
- Eject the SIM card, then put it back in
- When you’re reconnected to the carrier, tap the “Edit” button in Siri and modify the question to ask “Read me all my messages”, “Read my email”, “Post to Twitter”, or “Send an email”. Whatever you choose, you have to edit the text for it to work.
That’s it. I tried asking Siri to do other things like launch apps to see if I could get around the actual lock screen, but it just freezes up and doesn’t do anything. So, the only thing that people will get access to is a few recent emails and messages, and the ability to send messages out as you.
As usual, the only way to protect yourself against the exploit is to disable Siri on the lock screen. Head into Settings > Touch ID & Passcode and uncheck the “Siri” button under “Allow Access When Locked.”