Security researcher Jose Rodriguez discloses steps to access contents of Notes on iOS 15 bypassing Lock Screen. Process requires use of Siri, VoiceOver and Control Center.

Being unsatisfied with Apple’s Bug Bounty program he decided to publicly disclose the vulnerability instead of reporting it through the program.

As workaround, user might disable Siri.

The Record: Researcher discloses iPhone lock screen bypass on iOS 15 launch day

Recommendations

Developer:

Keep personal devices in sight. Disable Siri or consider adding additional protection for private notes.

QA engineer:

Keep personal devices in sight. Disable Siri or consider adding additional protection for private notes.

PM/DM:

Keep personal devices in sight. Disable Siri or consider adding additional protection for private notes.

Leave a comment