- Alexandria Ocasio-Cortez supports resolution that could lead to Trump’s impeachment Thursday 9:46 PM
- Ricardo Milos dancing memes are the new Rickroll Thursday 9:09 PM
- Laura Loomer sues Twitter, Muslim lobbying group over account ban Thursday 8:15 PM
- Far-right troll Ian Miles Cheong gets flamed for mocking a ‘Star Wars’ fan Thursday 6:17 PM
- Facebook says ‘millions,’ not ‘tens of thousands,’ affected by Instagram password bug Thursday 5:13 PM
- Leading 2020 Democrats mock redactions in Mueller report Thursday 4:04 PM
- 8 weed accessories for stealthy stoners Thursday 4:00 PM
- Super Smash Bros. Ultimate players are now fighting on giant d*cks Thursday 3:37 PM
- Why are Facebook and Google translating this Spanish word into a racial slur? Thursday 3:32 PM
- Instagram page encourages meme creators to join a meme union Thursday 3:24 PM
- 28 smokin’ hot gifts for your stoner friend Thursday 1:33 PM
- The 5 most important conclusions from Robert Mueller’s report Thursday 1:28 PM
- Facebook bans many of the U.K.’s infamous far-right groups Thursday 1:15 PM
- Cersei and Tyrion Lannister learned about respect from Elmo Thursday 12:57 PM
- The Mueller Report includes a footnote about the pee tape Thursday 12:08 PM
New iOS 9.3.1 exploit lets anyone access your photos and contacts without a passcode
It’s a finicky trick, but it definitely works.
A longtime iOS tinkerer has just discovered a frighteningly easy way to view an iPhone’s photos and contacts list without a passcode or fingerprint.
On his YouTube channel, user Videosdebarraquito showcases an all new exploit that allows anyone with access to a locked iPhone 6s or 6s Plus the ability to view the phone’s contact list and photo albums. Check out the video demonstration of the exploit:
If that was a little too fast for you to catch, here are the steps:
- Activate Siri, either with the home button or by saying “Hey Siri”
- Ask Siri to search Twitter
- When Siri asks what to search for, say “@gmail.com” or the second half of any other email address.
- When Siri produces the list of results, find a tweet with a full email address in it.
- Click the tweet and then, using the 3D touch of the iPhone 6s and 6s Plus, firm press on the email address so that the pop-up window appears.
- Click “Add new contact.” From here, you’ll be able to click the photo box to view all the photos on the device. Alternatively, you can click “Add to existing contact” to browse all the other contacts saved on the device.
It’s important to note that this exploit is only possible using the 3D touch pop-up feature and, therefore, is only doable on the iPhone 6s and 6s Plus. The exploit works with iOS 9 through the newly released 9.1.3.
Additionally, while I was able to replicate this glitch with ease on my iPhone 6s Plus running iOS 9.3.1, it took a considerable number of tries to get it to work the first time.
At first, the iPhone repeatedly asked me to enter my passcode after I asked it to search Twitter. Eventually, however, the phone allowed me to search without a passcode, seemingly at random, and it hasn’t asked me for my passcode again ever since. Videosdebarraquito told me that others had similar issues at first, but that it eventually worked.
After further testing, this appears to be linked to whether or not the user has ever allowed Siri to access their Twitter account previously. You can access these preferences by going into your Settings, selecting Twitter, and then toggling the “Siri” setting off. This will prevent Siri from accessing the social network, which is required for the glitch to work.
Update 4:12pm CT, April 5: Apple has rolled out a fix for this exploit, automatically correcting it without the need to manually update your device.
Mike Wehner is a former tech editor for the Daily Dot who now writes for BGR. His work has appeared everywhere from Yahoo to CNN, and there’s a good chance his Apple Watch is dead right now.