Update: Because Siri’s operations can be fixed server-side, this exploit is no longer working. We tried to recreate it today, and it seems Apple has rectified the issue. You’ll now be asked to unlock the device first.
When a bug is squashed, another exploit tends to show up. After releasing a quick fix to keep the iPhone from bricking during Safari links in iOS 9.3, a video has surfaced showing a way to get into anyone’s photos or contacts through a trick of double-talk through Siri.
First spotted at the Daily Dot, Youtube user Videosdebarraquito shows how to unlock a 6s or 6s Plus with some circuitous talking and tapping — and not a single passcode. By searching through Twitter for an email address, the 3D Touch capability allows a user to tap directly into Contacts. And from there, it’s just an easy tap over to Photos.
Of course, if the phone is not 3D touch-enabled, it’s not doable.
While a fairly lengthy exploit that required a certain amount of knowledge to execute (namely, finding an email through Twitter), it’s doable. It seems that although the phone requires a passcode to access Twitter some of the time, at a certain point it stops working. From there, it’s all gravy.
Maybe time for another quick fix?