Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Siris Lockscreen Bypass A Growing Privacy Issue For iOS Users
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
kaysharbortechnology
50%
50%
kaysharbortechnology,
User Rank: Apprentice
8/31/2016 | 12:08:54 PM
Tushar Jain @ Kays Harbor Technologies
The write up has been framed properly about the security threat that IOS users are facing due to the Siri lockscreen Bypass. To know about the details of the threat, one must give a read.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
11/25/2015 | 11:17:37 PM
Silly
There really does need to be a better balance here.  on the one hand, I don't want to have to unlock my device to use the voice assistant every time I want to make a phone call or do a basic search.  On the other hand, "What's my name?" or "What's my email address?" on a locked device should yield no information without first having to unlock it.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
11/25/2015 | 11:47:16 AM
Re: Voice Recognition or High Degree of Siri Granularity
If there were more options you could decide to not have any restrictions if you wanted...but for those who would choose to keep some information restricted that would be there as well. It's an option that would benefit both sides.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
11/24/2015 | 11:56:29 AM
Re: Apple is correct
Another thing I just wanted to point out, I am wondering when we will start feeling more comfortable about our PII. Most are already available in Google with our picture attached, I wonder what would Siri tell us that others not already knowing? :--))

 
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
11/24/2015 | 11:53:35 AM
Re: Voice Recognition or High Degree of Siri Granularity
 I agree mainly but I do not want Siri having restriction on information she could provide.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
11/24/2015 | 11:52:12 AM
Re: Voice Recognition or High Degree of Siri Granularity
Agree, at the same time voice recognition could easily be compromised. 
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
11/24/2015 | 11:50:50 AM
Re: Apple is correct
Agree, one other option would be a two factor authentication on Siri, so you have a key fob in your hand unless it is in closed proximity Siri on lock screen does not work.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
11/24/2015 | 11:47:57 AM
Disable Siri on Lock Screen
Why is this not a reasonable solution? If you want it accessed by lock screen that simply means it is exposed to outside world. Unless there is real voice recognition which always work there is no alternative and that is not even secure. If you want to put a chip in your body so Siri can recognize you that is possible, that is not what I want tough. :--))
slivingston
50%
50%
slivingston,
User Rank: Apprentice
11/23/2015 | 9:59:08 AM
Re: Apple is correct
That is exactly what I thought. It is just like in business, you have to evaluate the risk and provide security accordingly. You are not going to have the same security on a Yugo as you would a Bugati.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
11/19/2015 | 2:04:12 PM
Voice Recognition or High Degree of Siri Granularity
I think voice recognition software would be helpful not only to security but would most likely improve the functionality of Siri. But I think the cost behind that may be extensive. I think an easier option that may be more secure would be to add more granularity to Siri's Options in Settings. You could restrict what Siri has access to and by doing that you could ensure that certain data elements remain private. Currently the options for Siri are scarce.
Page 1 / 2   >   >>


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Data Breaches Affect the Enterprise
Data breaches continue to cause negative outcomes for companies worldwide. However, many organizations report that major impacts have declined significantly compared with a year ago, suggesting that many have gotten better at containing breach fallout. Download Dark Reading's Report "How Data Breaches Affect the Enterprise" to delve more into this timely topic.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-20859
PUBLISHED: 2021-12-01
ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC-1750GSV firmware v2.11 and prior, WRC-19...
CVE-2021-20860
PUBLISHED: 2021-12-01
Cross-site request forgery (CSRF) vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and ...
CVE-2021-20861
PUBLISHED: 2021-12-01
Improper access control vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC...
CVE-2021-20862
PUBLISHED: 2021-12-01
Improper access control vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC-175...
CVE-2021-20863
PUBLISHED: 2021-12-01
OS command injection vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC-1750GS...