ebay scroll
Monday, November 14, 2011
[Tech] Siri Security Protocol Cracked - What's Next?
Well we all know this was inevitable. But how long does the world have to wait to have this amazing technology on other phones including Androids and other networks? Well it seems like everyday there's more progress being made and that may become reality for ALL smartphone users. You can already install Siri on your IPhone 4 and IPod touch but unfortunately it won't let you use the voice control YET. Keep Reading for official story.
Siri, whilst utilizing technology already available, has certainly caused a stir amongst the smartphone industry, with Google’s Eric Schmidt reportedly a touch scared of the new entry to Android’s main mobile OS rival.
From the get-go, hackers, developers, and general Siri enthusiasts have been involved and monitoring progress round the clock of what Siri can actually with a little manipulation. Hitherto, there’s been the iPhone 4 and iPod touch ports, the rather surprising iPhone 3GS port, as well as various other weird and wonderful potential uncovered, such as the mind-to-voice developments of two young tech enthusiasts; make of that what you will
In the very latest, the guys over at Applidium have today managed unlock Siri’s protocol, which opens the door to all sorts of possibilities. The advance means that Siri could potentially be ported through to any engine, meaning iPad and even Android users could make use of Siri through third-party apps.
Their method, although explained in great detail, was rather simple.
They began by making a simple recording: "autonomous demo of Siri", and then sought to coax Siri into analyzing it without going via the iPhone 4S.
After ascertaining that Siri communicated with a server at https://guzzoni.apple.com, they set up a fake HTTPS server and, using a fake DNS server, sought to log the incoming communications. Unfortunately, the Cupertino had done its homework, checking that guzzoni’s certificate was valid, so it was time for Plan B.
They next arranged a custom SSL certification authority, added it to their iPhone 4S, then used it to sign their own certificate for a fake "guzzoni.apple.com". This proved to be successful – Siri was happily sending commands to a faked HTTPS sever, which, as stated before, can be replicated again and again.
It’s worth noting that it is tied to a GUID, similar to the UDID (Unique Device Identifier), which is, put simply, an ingrained serial number.
With the techno-babble out of the way, it’s pretty exciting to see the first possible inroads to Siri being used on a more widespread basis. We all know that Apple tends to limit software with its closed-source ideology, but hackers will be hackers, so as we’ve seen many times, once the seal is broken -the sky is the limit.
It’s early days, but don’t be too surprised to see developments continue to emerge every couple of days from here on in!
Labels:
Tech
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment