The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: Apple Siri

Hackers Can Silently Control Your Google Home, Alexa, Siri With Laser Light

Hackers Can Silently Control Your Google Home, Alexa, Siri With Laser Light
November 05, 2019Mohit Kumar
A team of cybersecurity researchers has discovered a clever technique to remotely inject inaudible and invisible commands into voice-controlled devices — all just by shining a laser at the targeted device instead of using spoken words. Dubbed ' Light Commands ,' the hack relies on a vulnerability in MEMS microphones embedded in widely-used popular voice-controllable systems that unintentionally respond to light as if it were sound. According to experiments done by a team of researchers from Japanese and Michigan Universities, a remote attacker standing at a distance of several meters away from a device can covertly trigger the attack by simply modulating the amplitude of laser light to produce an acoustic pressure wave. "By modulating an electrical signal in the intensity of a light beam, attackers can trick microphones into producing electrical signals as if they are receiving genuine audio," the researchers said in their paper [ PDF ]. Doesn't this so

Apple Changes the Way It Listens to Your Siri Recordings Following Privacy Concerns

Apple Changes the Way It Listens to Your Siri Recordings Following Privacy Concerns
August 29, 2019Swati Khandelwal
Apple today announced some major changes to its controversial 'Siri audio grading program' following criticism for employing humans to listen to audio recordings of users collected via its voice-controlled Siri personal assistant without their knowledge or consent. The move came a month after The Guardian reported that third-party contractors were regularly listening to private conversations of Apple users giving voice commands to Siri in a bid to improve the quality of its product's response. While the data received by the contractors were anonymized and not associated to Apple devices, the private conversations—which also includes private discussions between doctors and patients, business deals, seemingly criminal dealings, people having sex and so on—sometimes reveal identifiable details like a person's name or medical records. In response to the backlash Apple received after the report went public, the company initially responded by temporarily suspending

New iPhone Passcode Bypass Hack Exposes Photos and Contacts

New iPhone Passcode Bypass Hack Exposes Photos and Contacts
October 02, 2018Wang Wei
Looking for a hack to bypass the passcode or screen lock on iPhones? Jose Rodriguez, an iPhone enthusiast, has discovered a passcode bypass vulnerability in Apple's new iOS version 12 that potentially allows an attacker to access photos and contacts, including phone numbers and emails, on a locked iPhone XS and other recent iPhone models. Rodriguez, who also discovered iPhone lock screen hacks in the past, has posted two videos (in Spanish) on his YouTube channel under the account name Videosdebarraquito demonstrating a complicated 37-step iPhone passcode bypass process. The iPhone authorization screen bypass flaw works on the latest iPhones, including the iPhone XS, running Apple's latest iOS 12 beta and iOS 12 operating systems. Video Demonstrations: Here's How to Bypass iPhone Passcode As you can watch in the video demonstrations, the iPhone hack works provided the attacker has physical access to the targeted iPhone that has Siri enabled and Face ID either disa

Hackers Can Silently Control Siri, Alexa & Other Voice Assistants Using Ultrasound

Hackers Can Silently Control Siri, Alexa & Other Voice Assistants Using Ultrasound
September 07, 2017Swati Khandelwal
What if your smartphone starts making calls, sending text messages, and browsing malicious websites on the Internet itself without even asking you? This is no imaginations, as hackers can make this possible using your smartphone's personal assistant like Siri or Google Now. A team of security researchers from China's Zhejiang University have discovered a clever way of activating your voice recognition systems without speaking a word by exploiting a security vulnerability that is apparently common across all major voice assistants. DolphinAttack (Demo): How It Works Dubbed DolphinAttack , the attack technique works by feeding the AI assistants commands in ultrasonic frequencies, which are too high for humans to hear but are perfectly audible to the microphones on your smart devices. With this technique, cyber criminals can "silently" whisper commands into your smartphones to hijack Siri and Alexa, and could force them to open malicious websites and even

New Hack: How to Bypass iPhone Passcode to Access Photos and Messages

New Hack: How to Bypass iPhone Passcode to Access Photos and Messages
November 17, 2016Swati Khandelwal
Setting a passcode on your iPhone is the first line of defense to help prevent other people from accessing your personal details. However, it's pretty much easy for anyone with access to your iPhone to bypass the passcode protection (doesn't matter if you configured Touch ID or not) and access your personal photos and messages. A new critical security flaw discovered in iOS 8 and newer, including 10.2 beta 3, allows anyone to bypass iPhone's passcode and gain access to personal information using the benevolent nature of Apple's personal assistant Siri. The security glitch has been discovered by EverythingApplePro and iDeviceHelps and now that they have gone public with a video demonstration, you can expect Apple to fix this issue in the next iOS beta version. All an attacker need is to find out the phone number of the target's iPhone and access to the phone for a few minutes. But, what if you don't have target's phone number? No worries. You can

Hacker reveals How to Bypass iPhone 6s Lock Screen Passcode [Video]

Hacker reveals How to Bypass iPhone 6s Lock Screen Passcode [Video]
April 06, 2016Swati Khandelwal
Apple gave you a reason to turn your Siri OFF. A critical security flaw in Apple's newest iPhones running the latest version of the iOS operating system allows anyone to bypass the phone's lockscreen and gain access to personal information. The iPhone lockscreen bypass bug only works on the iPhone 6S and iPhone 6S Plus, as these devices take advantage of the 3D Touch functionality that is used to bypass the lockscreen passcode and access photos and contacts. The lockscreen bypass bug is present in iOS 9.2 and later, including the latest iOS 9.3.1 update, released last week. Anyone with physical access to an affected iPhone can gain access to the victim's photos, emails, text and picture messages, contacts, and phone settings, according to the Full Disclosure mailing list. Here's How to bypass iPhone's Lockscreen Step 1: If you own iPhone 6S or 6S Plus, first lock your device. Step 2: Invoke Siri and speak 'Search Twitter.'

Hackers Can Use Radio-waves to Control Your Smartphone From 16 Feet Away

Hackers Can Use Radio-waves to Control Your Smartphone From 16 Feet Away
October 14, 2015Swati Khandelwal
What if your phone starts making calls, sending text messages and browsing Internet itself without even asking you? No imaginations, because hackers can make this possible using your phone's personal assistant Siri or Google Now. Security researchers have discovered a new hack that could allow hackers to make calls, send texts, browser a malware site, and do many more activities using your iOS or Android devices' personal assistant Siri or Google Now — without even speaking a single word. A Group of researchers from French government agency ANSSI have discovered that a hacker can control Apple's Siri and Android's Google Now by remotely and silently transmitting radio commands from as far as 16 feet away... ...only if it also has a pair of headphones plugged into its jack. How does the Hack Work? It is very interesting and a mind-blowing technique. The Hack utilizes: An iPhone or Android handset with headphones plugged in A radio tra

iOS 9 Hack: How to Access Private Photos and Contacts Without a Passcode

iOS 9 Hack: How to Access Private Photos and Contacts Without a Passcode
September 22, 2015Swati Khandelwal
Setting a passcode on your iPhone is the first line of defense to help prevent other people from accessing your device. However, it's pretty easy for anyone to access your personal photographs and contacts from your iPhone running iOS 9 in just 30 seconds or less, even with a passcode and/or Touch ID enabled. Just yesterday, the Security firm Zerodium announced a Huge Bug Bounty of 1 Million Dollars for finding out zero-day exploits and jailbreak for iPhones and iPads running iOS 9. Now... A hacker has found a new and quite simple method of bypassing the security of a locked iOS device (iPhone, iPad or iPod touch) running Apple's latest iOS 9 operating system that could allow you to access the device's photos and contacts in 30 seconds or less. Yes, the passcode on any iOS device running iOS 9.0 is possible to bypass using the benevolent nature of Apple's personal assistant Siri. Here's the List of Steps to Bypass Passcode: You need to follow

Facebook M: Facebook's Answer to Siri, Cortana and Google Now

Facebook M: Facebook's Answer to Siri, Cortana and Google Now
August 27, 2015Khyati Jain
Microsoft's 'Cortana', Google's 'Google Now', Apple's 'Siri', Now meet Facebook's 'M.' Facebook's announcement to introduce their Personal Digital Assistant "M" comes with powers within the Facebook Messenger. It is a similar virtual assistant like Google Now, Apple's Siri and Microsoft's smart digital assistant Cortana. It seems that all the intelligence that resides within the personal digital assistants already in the market are nothing in front of M's capabilities, according to the Facebook post by David Marcus , Vice President of Messaging Products at Facebook. Three days ago, Microsoft had boosted the powers of Android users by making Cortana accessible on Android devices. Now listening to Facebook's launch of 'M', rival companies would have definitely face-palmed! What Can I Help You With? The virtual assistant software "M" is truly going to support you by doing the

Hijacking WhatsApp Account in Seconds Using This Simple Trick

Hijacking WhatsApp Account in Seconds Using This Simple Trick
June 05, 2015Wang Wei
The hugely popular smartphone messaging service WhatsApp, acquired by Facebook for over $20 billion last year, has reportedly been found to be prone to hijacking without unlocking or knowing your device password, making its hundreds of Millions of users vulnerable to, not just hackers, but also non-technical people. This trick lets anyone surrounds you to get effectively control over your WhatsApp account. The attacker needs nothing more than a phone number of the target person and access to the target mobile phone for a few seconds, even if it is locked. Hacking Whatsapp account in such scenario is not hard for your friends and colleagues. This is not actually a loophole or vulnerability in WhatsApp, and rather it is just the way WhatsApp is designed and its account setup mechanism works. NOTE: Moreover, we aren't encouraging users to hack others WhatsApp account , but the purpose of publishing this article is to warn and remind our readers that you should be extr

Apple Admits Siri Voice Data is Being shared with Third Parties

Apple Admits Siri Voice Data is Being shared with Third Parties
March 12, 2015Wang Wei
It has been known from year 2013 that commands we have been whispering to Siri are being stored on Apple servers for up to two years for analysis, but this news might be the most shocking development yet. Apple admits that its Siri — an intelligent personal assistant for iPhone, iPad and iPod Touch devices — is collecting and also transmitting users voice data to 3rd party companies, which was disclosed in an unsurprising revelation two weeks back on Reddit. FallenMyst , a Reddit user claimed to had recently started a new job with a company called Walk N' Talk Technologies, where job profile requires her to listen voice data collected from Apple, Microsoft users and check for incorrect interpretations. " I get to listen to sound bites [sic] and rate how the text matches up with what is said in an audio clip and give feedback on what should be improved. " Fallenmyst wrote. " Guys, I'm telling you, if you've said it to your phone, it's been recorded…and
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.