Apple’s Siri feature might be dangerous to users, and should to be taken to caution, even on a locked device.
According to Quartz, a security flaw in Apple’s iOS can easily let anyone to send a message or make a phone call on someone else locked device by saying ‘Hey Siri’.
However, to take advantage of the digital assistant, the person had to have a similar voice to that of the device owner.
Meaning, if a user is able to activate Siri on a locked device, they may be able to read hidden notifications aloud if they were sent via third-party apps like Facebook Messenger, Slack or Signal, re-dial the last number called, and peek into messages.
The Siri feature is offered on every iPhone released after the iPhone 6S which was launched in September 2015. The flaw was discovered in iOPS 11 and it is unclear if Apple has resolved the bug in iOS 12, the report added.
But users who would want their messages to stay private can disable Siri whenever their phone is locked by going to Settings, selecting Siri & Search and then disabling ‘Allow Siri When Locked’. Additionally, ‘Hey Siri’ can be disabled by going to Settings, selecting Siri & Search and turning off ‘Listen for Hey Siri’.