- QAnon-touting congressman sneaks ‘Epstein Didn’t Kill Himself’ into tweets Wednesday 7:12 PM
- Ocasio-Cortez met a famous drag queen–and the right melted down Wednesday 6:09 PM
- Woman says Lyft driver tried to kidnap her Wednesday 5:18 PM
- Debunking the right-wing conspiracy theories from today’s impeachment hearing Wednesday 4:29 PM
- Maroon 5 approves of the latest TikTok trend Wednesday 3:54 PM
- ‘One month left in the decade’ meme wants to know what you’ve accomplished Wednesday 3:53 PM
- Facebook Pay is the latest way to send your friends money Wednesday 3:31 PM
- Diving into ‘The Mandalorian’s first big shocker Wednesday 3:17 PM
- Disney+ will allow password sharing—to an extent Wednesday 1:12 PM
- Black server says manager refused to discipline coworkers who sent racist receipt Wednesday 12:47 PM
- Who is Jonah Hauer-King, Disney’s new Prince Eric? Wednesday 12:47 PM
- Cut Katherine Langford ‘Avengers: Endgame’ scene lands on Disney+ Wednesday 12:22 PM
- Planned Parenthood app to show abortion-seeking users their nearest options Wednesday 12:21 PM
- ‘The Imagineering Story’ offers touching insight into Walt Disney’s vision Wednesday 11:57 AM
- YouTube mom who was charged with child abuse dead at 48 Wednesday 11:39 AM
A longtime iOS tinkerer has just discovered a frighteningly easy way to view an iPhone’s photos and contacts list without a passcode or fingerprint.
On his YouTube channel, user Videosdebarraquito showcases an all new exploit that allows anyone with access to a locked iPhone 6s or 6s Plus the ability to view the phone’s contact list and photo albums. Check out the video demonstration of the exploit:
If that was a little too fast for you to catch, here are the steps:
- Activate Siri, either with the home button or by saying “Hey Siri”
- Ask Siri to search Twitter
- When Siri asks what to search for, say “@gmail.com” or the second half of any other email address.
- When Siri produces the list of results, find a tweet with a full email address in it.
- Click the tweet and then, using the 3D touch of the iPhone 6s and 6s Plus, firm press on the email address so that the pop-up window appears.
- Click “Add new contact.” From here, you’ll be able to click the photo box to view all the photos on the device. Alternatively, you can click “Add to existing contact” to browse all the other contacts saved on the device.
It’s important to note that this exploit is only possible using the 3D touch pop-up feature and, therefore, is only doable on the iPhone 6s and 6s Plus. The exploit works with iOS 9 through the newly released 9.1.3.
Additionally, while I was able to replicate this glitch with ease on my iPhone 6s Plus running iOS 9.3.1, it took a considerable number of tries to get it to work the first time.
At first, the iPhone repeatedly asked me to enter my passcode after I asked it to search Twitter. Eventually, however, the phone allowed me to search without a passcode, seemingly at random, and it hasn’t asked me for my passcode again ever since. Videosdebarraquito told me that others had similar issues at first, but that it eventually worked.
After further testing, this appears to be linked to whether or not the user has ever allowed Siri to access their Twitter account previously. You can access these preferences by going into your Settings, selecting Twitter, and then toggling the “Siri” setting off. This will prevent Siri from accessing the social network, which is required for the glitch to work.
Update 4:12pm CT, April 5: Apple has rolled out a fix for this exploit, automatically correcting it without the need to manually update your device.
Mike Wehner is a former tech editor for the Daily Dot who now writes for BGR. His work has appeared everywhere from Yahoo to CNN, and there’s a good chance his Apple Watch is dead right now.