Personal data at risk.
In iOS 12 found a new bug. It allows you to access contacts and photos iPhone with locked screen. A way to bypass the protection can not be called simple, but it works. Apple has not yet fixed the bug, though he had noticed in one of the previous beta versions of iOS 12.
A vulnerability in the firmware has detected a blogger EverythingApplePro. According to him, to bypass passcode using Siri and VoiceOver. Detail the entire process of hacking shown in the video, posted on YouTube.
The first attacker calls the victim’s smartphone and answers the incoming call message by selecting this option from the available list. The next step is to send a text message and press a notification in the upper part of the screen. Included voice assistant and VoiceOver bug in the firmware allow you to select target an existing contact. If the attacker sees phone numbers and personal information of all friends and acquaintances. Using VoiceOver blogger also had access to pictures stored on your iPhone.
Apple will surely eliminate the vulnerability in the next build of iOS 12. Until that time, the easiest way to protect personal data — disable access to Siri from the lock screen.