A student in the southern province of Kahramanmaraş has discovered a significant security flaw in Siri, Apple’s personal voice assistant service, prompting Cupertino to reward him $2,000 for his contribution.
The 16-year-old Yiğit Can Yılmaz said he found a security flaw in the voice assistant that enabled users to reach notifications via Siri even if they are turned off.
“I found the security flaw in Siri during tests over source codes shared by Apple. Siri was continuing to read the context of notifications even if a user turns them off. This means that even if you have turned them off, Siri does not recognize it. I reported the security flaw to the Apple team responsible for security,” Yılmaz said.
“The security flaw that I found was very important and affected models iPhone5S and above, iPad Air and above, and the 6th generation iPod Touch. They contacted me and fixed the flaw. They also wrote down my name in the list of contributors on the Apple website and I was awarded a $2,000 prize,” he added.
Yılmaz said he has a particular interest in Apple products and aims to become an engineer at the tech giant.
“I have learned programming languages for Apple and I am focused on that field. I am spending all my time off school with Apple software. I have knowledge about all Apple products,” Yılmaz said.
Yılmaz stated that he also found another security flaw, which enabled easy modification of the address bar on Safari, the web browser designed for Apple products. He has again notified Apple of the security lapse.
“Credit card fraud can be done with this flaw. Apple have now fixed that security flaw and will again add my name to the acknowledgement list soon,” he said.