Modernizing Authentication — What It Takes to Transform Secure Access
The iPhone 4S' new voice-activated Siri personal assistant will allow a complete stranger to control your phone even if it's locked with a passcode.
"I borrowed a passcode-locked iPhone 4S from a colleague here at Sophos and, with his permission, was able to write an email, and send a text message," writes Sophos' Graham Cluley. "If I had wanted to I could have meddled with his calendar appointments too."
"What's disappointing to me ... is that Apple had a clear choice here," Cluley writes. "They could have chosen to implement Siri securely, but instead they decided to default to a mode which is more about impressing your buddies than securing your calendar and email system."
Go to "Has Siri left your iPhone 4S unlocked?" to read the details.
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.