Siri Protocol Cracked Wide Open To Work With Any Device Or App, But There’s Still A Catch

Siri Protocol Cracked Wide Open To Work With Any Device Or App, But There’s Still A Catch

Oh, wow. The engineers over at app developing firm Applidium say they’ve cracked Siri’s security protocol wide open. In fact, using their method, they say that any app and any device can now use Siri in theory. In reality, though? There are a few obstacles remaining.

Applidium deciphered Siri’s protocol by setting up their own custom SSL certification authority, adding it to their iPhone 4S and using it to sign its own certificate for a fake “guzzoni.apple.com” server, which allowed them to sniff out the commands Siri sends to Apple’s official servers.

What did they learn? First of all, Siri identifies itself endlessly… and the only identifiers that return correct results are if your Siri command identifies itself as a specific iPhone 4S.

Two? Apple sends a lot more information back and forth between Siri and its servers than you would think. For example, Apple’s server sends a confidence score and a timestamp of each word when you use its text-to-speech abilities.

At the end of the day, though, Applidium were able to get a correct Siri result by using the cracked protocol to send a command to Siri without using an iPhone at all. But unlike some Siri hackers, Applidium is putting the proof out there, and have provided the tools they used to talk to Siri to the hacking public at large.

What does this mean? In theory, using Applidium’s method, any device could access Siri and get correct results from the servers, as long as they have the unique identifier of an iPhone 4S. That means iPhone 4S owners could theoretically hack their Macs, their iPads, or whatever other devices they own to run Siri. Perhaps more usefully, developers could implement Siri into their own apps, as long as those apps were running on an iPhone 4S. Neat!

(Thanks for the heads up, Mark H.)

Related
  • WVMikeP

    It’s not as simple as the last paragraph suggests.  There is the whole speech piece.

  • Guest

    So…. why is screwing around with this a good thing?  I want Siri to work, not be overwhelmed by people who aren’t really supposed to be using it. 

  • Blake Beavers

    soo… when can I put this on my iPhone 4?

  • tom

    Who really cares. Siri is not that wonderful anyway.

  • @rtigz

    You must have recently purchased your very first iPhone.  I’ll just leave it at that…

  • Jordan Clay

    According to the article….when you get an iPhone 4S

  • prof_peabody

    You may have violated Federal law in the USA by simply providing a link to Applidium.  

    Hacking an iPhone to get Siri support is 100% illegal regardless of whether it actually works or not.  It’s a federal crime in fact.  

  • Wankstainhater

    Fuck off knobstain

  • indiscriminater

    Bad laws are meant to be broken, especially ones made by self righteous asswipe americans  

  • Brandon Dillon

    Why are do you continue to troll here, with your anti-American self, on a USA blog?

    You know damn well that nobody here cares. I’ve never seen somebody who, literally every single post, is geared towards instigation.

  • prof_peabody

    Because it isn’t a “USA blog.”  It’s just a blog on the internet.  

    Roughly half of any site like this’ users are actually not from the USA, you just assume they are.  Several of the staff writers are not in the USA.  CultofMac is probably the worst candidate for calling something a “USA blog” you could have found. Anyway I don’t troll, I’m an admin here.  I’m one of the people who selflessly devotes hours of my time deleting all that nasty spam off of this site for you.  I’m trusted not to delete comments like yours because although I might hold some different opinions, i’m not dangerous, or particularly rude or most of the other things that might get you in trouble on a site like this.  

    I also make plenty of positive posts and say lots of nice things too.  You just missed them I guess. 

    My point was only that jail breaking for an illegal purpose is still a federal crime in the USA.  This would seem to fit into that category.  

  • ichiroa

    Siri is not a free service. The price to use Siri is the purchase of iPhone 4S and service associated with it. Apple made a huge investment in Siri and future development. Anyways, lets take bets on how long it will take Apple to close this hole and start going after illegal users. Sorry to be a downer but when you work for yourself maybe you would want to protect your investments.

  • Lol

    dude don’t be an a$$ Apple knows very well if they go about this looking like a joke that they will get a nasty image just look at sony and geohot!

    You say it’s illegal for them to post this? SO ARE HALF THE SONGS ON YOUR COMPUTER/MP3 PLAYER! There are much bigger things going on so stop getting your panties in a bunch and chill the f*ck out!

  • Lol

    I know it hurts for Siri to tell you that you just bought the exact same phone but I promise you will get over it

  • 5imo

    troll

  • Keita123

    You my friend is just a stupid f¥ck. Infact, you’re the biggest jerk in town!

  • Annon

    Well, no. If he gets an iPhone 4S, he would not have Siri on his iPhone 4.

  • @rtigz

    “My point was only that jail breaking for an illegal purpose is still a federal crime in the USA.”

    Please read the the Library of Congress DMCA exception for jailbreaking so that you do not continue to misinform the readers of this blog.  As an admin here, I would have assumed you would fact check your statements somewhat.

    I’ll save you from having to search the internet and then read.  Jailbreak IS LEGAL and has been for 16 months.

    Don’t club together jailbreaking with illegal activities such as pirated MP3 or torrent downloads.  It just makes you look ignorant to the not-so-ignorant…

  • Dilbert A

    WOOOOOOOOOOSSSSSHHHHHHH!!!!!

  • ohohoSomeoneGotRippedBADD

    the guy just cant accept the fact that he spent a crapload of time and money just to talk to siri.

  • @rtigz

    As an admin here, Prof Peabody gets notifications of each new comment that is posted, yet he resfuses to come back and acknowledge his ignorance to laws regarding jailbreaking and the DMCA exception from July 2010.  Ignorance is bliss, perhaps?

About the author

John BrownleeJohn Brownlee is a Contributing Editor. He has also written for Wired, Playboy, Boing Boing, Popular Mechanics, VentureBeat, and Gizmodo. He lives in Boston with his girlfriend and two parakeets. You can follow him here on Twitter.

(sorry, you need Javascript to see this e-mail address)| Read more posts by .

Posted in News, Top stories | Tagged: , , , , |