iPhone 4S owners are being warned to check their handset's settings in order to close a security hole in Siri.
If you leave your iPhone 4S unattended, someone else could use the handset to send text messages, alter calendar appointments and write emails without your permission. According to security firm Sophos even a passcode-locked iPhone 4S is vulnerable to the flaw.
"I borrowed a passcode-locked iPhone 4S from a colleague here at Sophos and, with his permission, was able to write an email, and send a text message. If I had wanted to I could have meddled with his calendar appointments too," said Sophos' senior technology consultant Graham Cluley.
In order to protect against the flaw, go to Settings, General, Passcode Lock and check that the Siri option is set to Off. This means Siri is inoperable when the handset is locked.
"What's disappointing to me is that Apple had a clear choice here. They could have chosen to implement Siri securely, but instead they decided to default to a mode which is more about impressing your buddies than securing your calendar and email system," Cluley said. He also advised using a more complex passcode.
Cluley clearly wasn't impressed by Siri. "It's not as though Siri impressed me enormously anyway during my brief play with it. Thirty percent of the time it misinterpreted what I was trying to say.