Warning: Don't leave your iPhone unattended or risk pranks, data theft
Thanks to the quick Camera access and power of Siri as a virtual assistant, iOS 5 and iPhone 4S are more convenient than ever -- but they also leave you open to everything from pranks to data theft. We've talked about this extensively on the iPhone Live podcast but it's worth repeating here.
Double clicking the Home button and tapping the Camera icon bypasses a Passcode Lock and instantly lets you take pictures. You can't access anything else, but if you leave your iPhone unattended, a friend or passerby can easily prank you by taking an inappropriate picture (from innocuous "funny faces" to to full on "junk attacks" -- don't ask.) If you have Photo Stream enabled, that prank picture can quickly propagate to all your other iOS devices, your PC, and your Apple TV, and the only way to remove it is to delete the entire stream.
You can't currently disable the fast Camera access. You can disable Photo Stream by going to Settings, iCloud, and toggling Photo Stream to Off.
Holding down the Home button to activate Siri also bypasses the Passcode Lock, and while Siri is prohibited from doing things like deleting contacts or performing web searches without the lock code being entered, Siri can still call numbers, delete alarms, and perform other tasks unencumbered. If someone knows a contact's name, they can get access to their email address(es), phone number(s), etc. Even if they don't know a contact's name, because relationships can be set, they can simple ask for "mom" or "boss" and get the data that way.
Friends and strangers alike can also prank you by telling Siri to address you by some funny or rude name.
You can disable Siri's Passcode bypass. Go to Settings, General, Passcode Lock and flip the Siri toggle to Off.
Convenience and security are always at opposite ends of any feature list. Each individual has to decide for themselves how much convenience they want and how much security they're willing to give up for it. (Some people choose to not even use a Passcode Lock, after all.)
Disabling Siri's Passcode bypass reduces its speed and ease of use but increases its security. You can't just hold a button and start talking to have Siri take an email, for example, while you're driving. You have to enter the unlock code first, and perhaps each time depending on your settings.
Unfortunately, Camera access and Photo Stream need to wait for Apple to provide an easy off-toggle, and a way to delete individual pictures from the stream. Disabling Photo Stream contains any pranks, but means you lose the backup and multi-device replication of the feature.
In the meantime, the best practice is, of course, to never leave your iPhone unattended, especially around people you don't know -- or people you can't trust not to prank you.
Editor-in-Chief of iMore, Executive Producer at Mobile Nations, co-host of Iterate and ZEN and TECH, cook, grappler, photon wrangler.
| Tweet |
|
|
← Previously
App Giveaway: ReaddleDocs for iPadLeave a Reply
Note: Comments must be civil, respectful, and on-topic. If a comment does not add to the conversation, if it contains spam advertising, or inappropriate language or content, it will be removed. Insulting the topic, author, staff, site, network, or other commenters will result in the comment being marked as spam and potential prevent future comments from appearing on the site. Do not post as a business or your comment will likely be confused with spam. Comments containing links may be held for moderation. Relax, enjoy, and share in the discussion.
First! All great points to take into consideration, good post. Hopefully Apple makes these changes for greater security.
First! All great points to take into consideration, good post. Hopefully Apple makes these changes for greater security.
We're going streaking!
Right now I can access the camera and then anything on the phone completely bypassing the pass code so unless there is another setting I've missed this is a flaw. And to the smug ones who say there is no problem have you never heard of mugging?
To me this is a major flaw. The purpose of a lock screen is just that. Nothing should work unless you enter your passcode. Yes there are ways around passcodes, but the home button should not be one. Why have a lock screen?
To me this is a major flaw. The purpose of a lock screen is just that. Nothing should work unless you enter your passcode. Yes there are ways around passcodes, but the home button should not be one. Why have a lock screen?
exactly. i wonder if siri can understand commands to enable/disable lockdown. the only time i wouldn't want to enter my lock code all the time is if i'm in the car...but i would want a more convenient way of managing than having to go to settings. so if forget to unlock my phone, i can punch in the code once, then tell siri to keep the phone unlocked.
exactly. i wonder if siri can understand commands to enable/disable lockdown. the only time i wouldn't want to enter my lock code all the time is if i'm in the car...but i would want a more convenient way of managing than having to go to settings. so if forget to unlock my phone, i can punch in the code once, then tell siri to keep the phone unlocked.
Oh no! The iPhone can take pictures with the stolen phone! The world is going to end!!!!!! We should immediately send back all our iPhones and boycott Apple for all eternity!!!!!
Well at least if someone steals your phone and uses it to take pictures you can not only track them using Find My Phone, but will have nice picture landmarks to help find them.
Oh no! The iPhone can take pictures with the stolen phone! The world is going to end!!!!!! We should immediately send back all our iPhones and boycott Apple for all eternity!!!!!
I'll take the chance with Siri, in the early days of smartphones and Facebook i learned to never leave my phone lying about lest I be fraped, but Photostream is flawed anyway in my opinion, it's been turned off now.
I save a lot of stuff to the camera roll that i get emailed, or funny stuff i come across on the web that also demands being forwarded. I don't want that junk appearing in my photo stream. It should be limited to only that which is taken by the camera. And being able to delete single images is a no brainer surely.
I'll take the chance with Siri, in the early days of smartphones and Facebook i learned to never leave my phone lying about lest I be fraped, but Photostream is flawed anyway in my opinion, it's been turned off now.
I save a lot of stuff to the camera roll that i get emailed, or funny stuff i come across on the web that also demands being forwarded. I don't want that junk appearing in my photo stream. It should be limited to only that which is taken by the camera. And being able to delete single images is a no brainer surely.
UberFAIL. lol.
5.0.1 should address these. Weird they dropped the ball on this.
"Uberfail"? Why, because you can't turn off a damn camera button? They can't even access your pictures from it!
Yes, it is because the only way to keep from the problems noted in the article is to turn off these highly touted new features. Basically they are useless without a leash on your device.
Granted, this is only an issue for peeps around pranksters but still...Apple dropped the ball here. I seriously would have to delete my wife's ENTIRE photo stream to nix a picture? How is that not a major fail?
Yes, it is because the only way to keep from the problems noted in the article is to turn off these highly touted new features. Basically they are useless without a leash on your device.
Granted, this is only an issue for peeps around pranksters but still...Apple dropped the ball here. I seriously would have to delete my wife's ENTIRE photo stream to nix a picture? How is that not a major fail?
You sir are the DEVILS ADVOCATE ! ( And that is meant as a compliment my friend )
LMBO. I do play that role sometimes, even when I agree w/ the person/people in the conversation.
@ Devils Advocate ,
Nothing wrong with that. Some of the best kind of arguments Ive had are the ones I had with myself! lol
"Uberfail"? Why, because you can't turn off a damn camera button? They can't even access your pictures from it!
UberFAIL. lol.
5.0.1 should address these. Weird they dropped the ball on this.
this is awesome i cant wait to prank all my friends!!!!
this is awesome i cant wait to prank all my friends!!!!
If this had been done by Google or Microsoft or RIM there would've been screaming and threats of lawsuits. And before anybody starts, I'm an Apple fanboy.
You're right.
You're right.
Lawsuits for what exactly? Illegal implementation of camera button?
Lawsuits for what exactly? Illegal implementation of camera button?
If this had been done by Google or Microsoft or RIM there would've been screaming and threats of lawsuits. And before anybody starts, I'm an Apple fanboy.
The remote passcode setting feature of "Find my iPhone" should also include an option to remotely turn off Siri's passcode bypass.
The remote passcode setting feature of "Find my iPhone" should also include an option to remotely turn off Siri's passcode bypass.
I'm laughing so hard right now lol
I'm laughing so hard right now lol
Honestly, who the hell leaves their phone laying around? No pity.
Honestly, who the hell leaves their phone laying around? No pity.
Scarlett Johansson is probably sitting somewhere now scared or saying "Thank goodness I didn't get the iPhone 4S" lol
Scarlett Johansson is probably sitting somewhere now scared or saying "Thank goodness I didn't get the iPhone 4S" lol
Data theft? What about ACTUAL theft? Why would you leave your phone unattended? If they can mess with it they can steal it and hack it at their leisure.
You are the same people who make pay toilets aren't you?
I think what they mean is about leavin your home unattended at your own place or a friends , when you take a leak or something like that .
Hmm if I'm going to the toilet I'm taking my phone for something to do... iPoo is pretty cool
.
Well yeah but be careful about iFlush
and also iRuns
Data theft? What about ACTUAL theft? Why would you leave your phone unattended? If they can mess with it they can steal it and hack it at their leisure.
You are the same people who make pay toilets aren't you?
Why do you people leave your iPhone lying around when you're in a public place or with other people? I never let my iPhone out of sight and even though I have no passcode on it, I've never got faceraped or had any of my data stolen. I simply can't understand why you'd need a passcode on a device that's with you at all times. But then again, I don't have any confidential Pentagon files on my iPhone, maybe other people do...,
Before this week, I would have agreed but this week I left my phone at a temporary desk while I ran to do a few things.
It happens.
For those situations, there are apps that will sound an alarm if you move the phone without inputting a passcode. Sure, you can quit the app by pressing the home button but no thief or friend is going to carefully press the home button before taking the iPhone from the desk. I've succesfully used it when sleeping at a hospital (it would've been uncomfortable to sleep with the iPhone in my pocket) and no one took it.
That's too much. Hospital? Airport? Yeah...that's coo but on a general basis...nah.
Before this week, I would have agreed but this week I left my phone at a temporary desk while I ran to do a few things.
It happens.
Why do you people leave your iPhone lying around when you're in a public place or with other people? I never let my iPhone out of sight and even though I have no passcode on it, I've never got faceraped or had any of my data stolen. I simply can't understand why you'd need a passcode on a device that's with you at all times. But then again, I don't have any confidential Pentagon files on my iPhone, maybe other people do...,
Meh, I just don't let my phone leave my sight, generally. And I'd hate to have a passcode to get into my phone every single time. Mine has always been unlocked, but I don't exactly have anything to hide.
Meh, I just don't let my phone leave my sight, generally. And I'd hate to have a passcode to get into my phone every single time. Mine has always been unlocked, but I don't exactly have anything to hide.
What, no voice pattern recognition for Siri?
Srsly
What if when your phone was locked with a passcode Siri would ask you for the passcode before allowing you access to any of its features?
It does that for some features, but not all. Anything that Siri can do without accessing another app doesn't require the passcode. So things like sending emails can be done while the screen is locked, but asking for directions cannot.
This article is dumb.
Siri or none, lockscreen camera or none, i NEVER EVER leave my $700 iphone unattended. Its the most expensive, most sought-after thing I carry around. Anyone who would leave any personal data-rich smartphone unattended is prolly not that smart.
Is there a possibility that after Siri gets out of Beta that we will be able to use a voice activation? For example, holding the home button, receiving a audible/visual prompt, then saying our password "abracadabra" and that would then allow Siri to access the her full functionality! This could be a secondary unlocking mechanism, keeping the passcode entry for more public venues and using the voice activation for on the go in the car, etc.
These aren't bugs they're features!
BTW, I love the Siri prank.
I don't leave my phone laying around but lets just say it falls ou of my pocket or someone grabs it off my belt? I previously liked the idea that the couldn't get into the phone. Now the flip up the camera and press home button and have access to data files, confidential emails, contacts, relatives info etc etc - why put this release out ther when they knew it didn't work properly.