- Senators fear government shutdown may affect FTC investigation of Facebook Today 3:43 PM
- Buy beer for a furloughed government worker with this new website Today 3:19 PM
- Alexandria Ocasio-Cortez is teaching Congress how to tweet Today 2:42 PM
- Congressmen held genetics meeting with Chuck Johnson, despite his past racist claims about genetics Today 2:26 PM
- Female bodyguard thriller ‘Close’ is disappointingly un-thrilling Today 2:01 PM
- Twitter faces backlash for insensitive ‘triggers’ joke Today 1:13 PM
- 10 user-recommended sites for live tarot readings that are almost too good to be true Today 12:08 PM
- AsapSCIENCE comes for Jake Paul over Mystery Brand scam Today 11:34 AM
- Why ‘I never thought of it like that’ can actually be deeply offensive Today 11:26 AM
- Save 40% on the Fire TV Stick 4K when you rent textbooks through Amazon Today 11:05 AM
- Netflix reportedly used real disaster footage in ‘Bird Box’ Today 10:53 AM
- Holocaust denier Chuck Johnson spotted with 2 congressmen in Capitol Today 10:30 AM
- YouTuber who made popular Darth Vader fan film prevails in copyright fight Today 10:09 AM
- Mariah Carey says she ‘doesn’t acknowledge time’ in her 10-year challenge photos Today 10:06 AM
- Beto O’Rourke under fire for supporting controversial Thin Blue Line Act Today 9:26 AM
New iOS 9.3.1 exploit lets anyone access your photos and contacts without a passcode
It’s a finicky trick, but it definitely works.
A longtime iOS tinkerer has just discovered a frighteningly easy way to view an iPhone’s photos and contacts list without a passcode or fingerprint.
On his YouTube channel, user Videosdebarraquito showcases an all new exploit that allows anyone with access to a locked iPhone 6s or 6s Plus the ability to view the phone’s contact list and photo albums. Check out the video demonstration of the exploit:
If that was a little too fast for you to catch, here are the steps:
- Activate Siri, either with the home button or by saying “Hey Siri”
- Ask Siri to search Twitter
- When Siri asks what to search for, say “@gmail.com” or the second half of any other email address.
- When Siri produces the list of results, find a tweet with a full email address in it.
- Click the tweet and then, using the 3D touch of the iPhone 6s and 6s Plus, firm press on the email address so that the pop-up window appears.
- Click “Add new contact.” From here, you’ll be able to click the photo box to view all the photos on the device. Alternatively, you can click “Add to existing contact” to browse all the other contacts saved on the device.
It’s important to note that this exploit is only possible using the 3D touch pop-up feature and, therefore, is only doable on the iPhone 6s and 6s Plus. The exploit works with iOS 9 through the newly released 9.1.3.
Additionally, while I was able to replicate this glitch with ease on my iPhone 6s Plus running iOS 9.3.1, it took a considerable number of tries to get it to work the first time.
At first, the iPhone repeatedly asked me to enter my passcode after I asked it to search Twitter. Eventually, however, the phone allowed me to search without a passcode, seemingly at random, and it hasn’t asked me for my passcode again ever since. Videosdebarraquito told me that others had similar issues at first, but that it eventually worked.
After further testing, this appears to be linked to whether or not the user has ever allowed Siri to access their Twitter account previously. You can access these preferences by going into your Settings, selecting Twitter, and then toggling the “Siri” setting off. This will prevent Siri from accessing the social network, which is required for the glitch to work.
Update 4:12pm CT, April 5: Apple has rolled out a fix for this exploit, automatically correcting it without the need to manually update your device.
Mike Wehner is a former tech editor for the Daily Dot who now writes for BGR. His work has appeared everywhere from Yahoo to CNN, and there’s a good chance his Apple Watch is dead right now.