Privacy breaches have unfortunately become commonplace in a world where much of our lives exist digitally. And now, we may have been betrayed by one nearest and dearest to our hearts and iPhones: a Siri bug on iOS 11 exposes users’ private information. Et tu, Siri? We’ve come to expect this from Facebook ... but you? Bustle reached out to Apple who said, “We are aware of the issue and it will be addressed in an upcoming software update.”
The bug was discovered by an iPhone user, as reported by Mac Magazine. Apple’s iOS 11 included the option for users to hide message content from notifications on their lock screens. For example, if you received a text, the notification would just say “message” rather than a preview of the text. The notification could then only be read via Touch ID, Face ID, or typing in the passcode. However, there is a bug that works around the update pretty easily: just ask Siri to read the notification.
Yep, the bug is simply just saying, “Hey Siri, read my notifications.” Regardless of whether you’ve set you’ve set your notification previews to only show “when unlocked” in setting, Siri will read your notification in full.
According to Mashable, who tested the bug, the issue extends to iPhone X and iPhone 8 Plus running iOS 11.2.6, which is the latest version of iOS. The bug appears to affect apps like WhatsApp and Skype, according to tests from both Mashable and Mac Magazine. However, Mashable reports the bug did not seem to affect notifications from iMessage, but that appears to be the only messaging app unaffected by the bug.
Until the impending update, here is a workaround for the bug:
- Turn off lock screen notifications for sensitive apps (Go to the app in Settings > Notifications > Show on Lock Screen)
- Disable Siri whenever the device is locked (Settings > Siri & Search > Allow Siri When Locked)
While the bug may seem silly — it is literally just asking Siri to read your private message notifications — it is pretty serious. As Mashable points out, it essentially leaves your private messages vulnerable to anyone within shouting distance of your phone. If you’ve gone to the trouble of setting your message notifications to private, only being accessible via an initial security wall, it’s probably pretty unsettling to know that anyone is capable of bypassing that wall by just asking Siri.
If you’re unfamiliar of how private notifications work, this video from Mac Magazine does a good job of demonstrating how Face ID unlocks them. (I know we’re all bummed that, like, teleportation and fully functioning hoverboards are a readily available thing yet. But you have to admit that seeing text reveal itself after someone unlocks their phone with their face is truly a “The Future Is Now” moment. I mean, Marty McFly would definitely be impressed.)
Earlier this year, a security bug in Apple was causing users’ devices to shut down via a “text bomb”. Basically, the bug would freeze your iPhone if someone sent you a message with the corrupted link. You didn’t even need to click the link to have your device affected by the phone. Fortunately, Apple released a software update resolving the bug (which initially discovered by a software developer “fuzzing” with the code).
Perhaps the most common Apple bug in recent memory, or at least the one most-tweeted about, was the glitch in the letter “I”. For some users who updated to iOS 11.1, the letter “I” would change to “A” and a question mark when typed out. Confusing on many levels. While there were ways for users to self-correct the bug via “text replacement” in settings, an iOS update has remedied the situation, allowing us all to text and tweet the letter “I” as per usual.
Here’s hoping the latest bug is remedied quickly, and we can all go back to trusting Siri with all our hearts and data.