Hi! Thanks for reading. This post looks better in our award-winning app, Tips & Tricks for iPhone.
Apple has implemented a fix on its iOS 9.3 software to address an passcode vulnerability which was reported to allow access to photos and contacts without verifying the user via passcode or Touch ID.
These could be accessed via Siri when a user asked Apple’s virtual assistant to search Twitter. Those exploring the bug found they could call up Siri and ask to search the social network for an email address, and when tapping on an email address, the Contacts app would open, allowing them to access both a user’s contacts, but also photos if they were to add an image to the contact.
Naturally, this would be a concern for users, and even though it’s quite a convoluted process, once a bypass is known, others might specifically use it to break into the contacts or images on a user’s phone.
Luckily, Apple was able to fix the bug from the server side without pushing out another iOS 9.3.x for users to download.
The fix was implemented at some point in the last 24 hours; the result is if you were to ask Siri to “search Twitter” while on the lock screen, Siri will now respond by saying “you’ll need to unlock your iPhone first.”
Night Shift Mode
The new feature in iOS 9.3, Night Shift Mode, which enables users to control the color of the screen at certain times of the day, i.e. reducing the amount of harsher blue light which could affect sleep patterns later in the day, has also been tweaked.
Previously, it was possible for users to activate the feature while in Low Power Mode – a mode that users are given the option of turning on when their battery falls to 20% (or indeed, via Settings at any percentage).
This was also down to Siri; users could simply ask Siri to turn Night Shift on when in Low Power Mode and Siri would be happy to accommodate. Since the update, Siri now responds to this request with “In order to turn on Night Shift, I’ll have to turn off Low Power Mode. Shall I continue?”
As these fixes have been turned on at Apple’s side, users won’t need to do anything for them to take affect.