Apple's iPhones and its proprietary iOS mobile software boast of optimum security as compared to Android smartphones. But a bug in the most recent iOS 11 software challenges the very nature of Apple's privacy.
Brazilian website Mac Magazine reported that a bug in all versions of iOS 11, including the latest iOS 11.3 (beta), allows Siri to read out content from app notifications even when they've been hidden. Simply by asking Siri to "read my notifications" the voice assistant will read out content from a wide range of apps, such as WhatsApp, Gmail, Facebook Messenger, Slack, and others. But the bug doesn't affect stock apps like Mail and iMessage.
Since Siri is not equipped with the capability to distinguish between different voices, it gives a free reign to anyone with access to an iPhone to command Siri to read out notifications. Siri bypassing the iPhone's lock and hidden notification setting is of major concern as users might have personal and confidential information on their WhatsApp, Gmail or even Slack.
Apple has acknowledged the problem and promised a fix soon.
"We are aware of the issue and it will be addressed in an upcoming software update," the iPhone-maker said in a statement to MacRumors. Considering the iOS 11.3 is still in beta testing, Apple could add a fix to the bug before it publicly releases the software in the coming weeks.
If users are curious to see whether the bug affects them, go to Settings > Notifications > select an app (preferably a messaging app) > Show Previews > and click on When Unlocked. With this setting enabled, lock screen notifications will remain hidden until a user authenticates with Face ID, Touch ID or passcode. Now when you receive a notification, just ask Siri to "read my notification".
As pointed out by MacRumors, Apple iPhone X users have a reason to be worried by this bug. Lock screen notifications are hidden by default on iPhone X until a user authenticates with Face ID. With the existence of the bug, most of the notifications on iPhone X can be read out loud without requiring owner's permission.
What can you do?
Thankfully there are some basic settings that can prevent Siri from reading out your personal messages without authentication, but it takes a toll at some of your convenience.
Users can disable Siri when iPhone is locked. To do so, go to Settings > Siri & Search > Disable Allow Siri When Locked.
Another option is to turn off lock screen notifications to apps you think to carry sensitive information. To do so, go to Settings > Notifications > select an app and turn off Show on Lock Screen.
iOS 11 riddled with problems
This is not the first time iOS 11 has risked users privacy. Recently, a firm called Cellebrite claimed it has the technology to crack any iPhone powered by iOS 11 without the need for fingerprint ID or passcode. Cellbrite has a high-profile client list, which includes US government agencies and some private businesses.