Published November 7, 2018
Just a few hours after Apple launched iOS 12.1 – which contained a few new features and a large slider with bug fixes, a security scientist identified a new privacy error. Researcher Jose Rodriguez recently wrote headlines a few weeks ago after identifying a problem with Siri similar to this new security issue. In both cases, an unauthorized user can access limited information by bypassing the user's PIN. Although exploits require physical access to your device, they may result in exposure of images (in the case of Siri exploit) and contact information that would otherwise remain private.
The core of the problem this time is an apparent security monitoring in one of iOS 1
If anyone wanted to sneak through a destination phone, they had access, all they need to do is call the phone or use the Siri Assistant to call. Once connected, the call switches to FaceTime mode immediately and tapes the "Add Person" button, allowing the user to start exploring the phone's contacts. Although the phone was locked before you received the call, the contact list will be available without additional authentication that is required. Full details of each contact entry are available with this utilization.
When revealing contact details, it is not good, it is limited by the fact that physical, direct access to the phone is required. The bigger problem is the fact that this is another in a wide range of newer security issues on Apple's part. While he confesses working to be the safest operating system out there, Apple continues to leave the side door open and allow personal information to leak by accident. At the moment, no solution can solve this, but disabling Siri can make it harder for a faster entry if they do not know your phone number. Since iOS 12.1 just came out, it may take some time before a patch appears to close this loophole.