Toggle Dark Mode
A newly discovered Siri bug in iOS 11 could reveal your private app messages, even on an iPhone that’s locked.
The bug, which was first spotted by Brazilian site MacMagazine, affects a wide range of messaging apps including WhatsApp, Signal, Telegram, and Skype.
Basically, iOS 11 allows users to hide message previews on the Lock screen unless a device is unlocked by going to
- Show Previews.
- Then Select When Unlocked.
That’s been a feature in iMessage for quite some time, but Apple recently added the functionality to third-party messaging apps in the latest software update.
But MacMagazine discovered that simply asking Siri to read your notifications — just by saying “Hey Siri, read my notifications” on the Lock screen — will have the digital assistant read off the contents of those messages. Even if the “When Unlocked” privacy feature is enabled.
The bug obviously raises privacy concerns, particularly since many of the affected apps — like Telegram and Signal — bill themselves as highly secure and encrypted platforms.
The only app it doesn’t seem to impact is the native Messages application. Siri will apparently refuse to read off iMessages unless the device is unlocked via passcode, Face ID or Touch ID — as should be the case.
The Brazilian publication confirmed that the bug affects most iPhone devices running the latest version of iOS, 11.2.6. It even seems to be present on beta builds of the currently unreleased iOS 11.3.
The bug has already been reported to Apple. It stands to reason that the company could patch the vulnerability in a future software update — maybe even before the official rollout of iOS 11.3.
In the meantime, iOS users can mitigate the privacy risks by disabling Siri access on the Lock screen. You can do so by going to Settings > Siri and making sure the Access When Locked toggle is disabled.