BREAKING: iOS 9.3 Allows Lockscreen Bypass Using Siri
Bypassing the lockscreen on an iOS device has become a bit of a sport as Apple has had a history of having bugs in this area. Thus it doesn’t surprise me that iOS 9.3 has a shockingly easy way to bypass the lock screen. Here’s how you do it:
- Long press home button to activate Siri.
- Say the word “Time”
- Press Any row.
- Double press and navigate to another screen.
I just tried this on my iPhone 6 and it worked. Clearly Apple really dropped the ball this time. Hopefully they have a fix soon for this as I am sure they don’t want the FBI to be using this to get into iPhones that they acquire from criminals.
I’ve posted a video of the exploit in action below:
UPDATE: This seems to work for me 1 of 4 times that I try it on average. I would be interested to know if anyone else can reproduce this.
UPDATE #2: I think I understand what is going on here. If I use my pinky finger which is not registered in Touch ID to press the home button, I cannot reproduce this. However if I use a finger that is registered in Touch ID to press and hold the home button, then it allows me to go into the phone. My guess is that it is caching the fingerprint and letting me in. I also confirmed that iOS 9.2.1 does not do this. So as far as I am concerned, this is a bug, but not as serious as it could be as an unauthorized user cannot access the phone. But it is still something that Apple should fix.
UPDATE #3: The video was taken down by the user who posted it.
March 23, 2016 at 5:31 pm
I’ve tried half of a dozen times on my iPhone 5, with iOS 9.3, and have never successfully navigated away from the clock menu. Mine simply goes back to the login screen as expected.
Having said that – it has been recommended in the past to disable Siri from the lock screen, but that prevents a lot of reasonable use as well.