According to new reports, Apple's iPhone 6s and 6s Plus have a bug that allows hackers to bypass the lock screen.
The bug was first revealed in a video in Spanish on YouTube by a user called videosdebarraquito, but another user named EverythingApplePro has posted a new English video on the bug. According to these YouTubers, the bug depends on Siri's access to the device's contacts and photos. To exploit the bug, simply ask Siri to "search Twitter" for "gmail.com" and select a legitimate email that pops up in the search. Once you click on this email, you can create a contact using the device's 3D Touch capabilities, which then allows you to access the device's photos and contacts. For this bug to work, Siri must be integrated with Twitter and your Photos app, though this is rather commonplace among heavy Siri users. EverythingApplePro demonstrated the bug in his video, and even disabled Touch ID so viewers could see that he did not inadvertently unlock the device by activating Siri. This bug works with the latest version of iOS and iOS 9.3.1, but is limited to 3D Touch-enabled devices.
Last week, Apple released iOS 9.3.1 for iPhones and iPads to fix a different bug in iOS 9.3. The bug affects the Universal Links feature, a new way to connect links with native apps, causing the devices to crash when clicking on a hyperlink. Some developers, including Booking.com, associated their apps with too many domains, overflowing the swcd process that checks Universal Links. Apple did not announce the new update, but it is available for users on their devices.
Photo: © iStock.