It's been a trying month for Apple's security team: First, a researcher pokes a hole
in the company's tight control of its App Store. And now another group
of hackers claims they've cracked its newest crown jewel and Google Killer,
the voice command and search tool Siri, to run on any device, potentially even Google's.

"Today, we managed to crack open Siri's protocol," reads a blog post
by a group of French security researchers and consultants at the
Paris-based firm Applidium. "As a result, we are able to use Siri's
recognition engine from any device. Yes, that means anyone could now
write an Android app that uses the real Siri! Or use Siri on an iPad!
And we're going to share this know-how with you."

Applidium's hack hasn't been independently verified, and the
researchers didn't immediately respond to my call asking for more
information on their work. But they posted a test file they say was
produced by speaking into their own version of Siri running
autonomously, not on an iPhone, a demonstration that they've lifted the
protocol from its exclusive home on the iPhone 4S and could implement it
elsewhere, albeit with some limitations that will make the trick tough
to reproduce on a mass scale, and likely very short-lived.

Applidium's researchers say they began their hack by sniffing the
iPhone's network data to watch how it communicated with any remote
machines; sure enough, they spotted the server that crunches the voice
data from the phone's Siri protocol and feeds back a response. But the
application used an encrypted SSL connection, and checked to see that
the server it communicated with showed a valid certificate, the digital
signatures that are meant to determine that a machine talking to another
machine is the machine it says it is: in this case, an Apple server.

But SSL is notoriously fraught with implementation problems,
and Applidium exploited one: It set up its own custom certificate
authority and used it to spoof a fake guzzoni.apple.com server, which
was then able to receive and decrypt all of the Siri communications
between their iPhone 4S and what the device thought was a real Apple
server. "Seems like someone at Apple missed something!" the researchers