In the video below, Hashim walks us through the trick that requires a user to activate Siri and access the contact list by saying “Contacts.” This will fail when Siri prompts the user to enter their passcode. The user can then hit “Cancel” and ask Siri again to make a call by saying “Call.” Siri then asks the user “With whom would you like to speak?,” allowing the user to enter a letter like “A” and access all the contacts that begin with the letter “A.”
You can see the trick demonstrated in the video below.
The hack requires physical access to the phone as well access to the iOS 7 version of Siri on the lock screen. I was not able to replicate the full procedure on my device, but I could pull up contacts by randomly saying name like “David.”
If it were replicated, this apparent easy access to the contacts list could be troubling to iOS owners who want their address book to remain private. If this is an issue for you, then you should take a few minutes to disable Siri on your lock screen using these instructions.
What do think of this discovery? Were you able to replicate it? Is it something to be concerned about?