Skip to main content
  1. Home
  2. Computing
  3. News

Your Siri conversations may have been recorded without your permission

Fionna Agomuoh
By

Apple has patched a security flaw that left macOS and iOS devices vulnerable to having interactions with Siri spied upon and recorded when using accessories such as AirPods or Beats headsets via Bluetooth.

The flaw, which is now referred to as vulnerability CVE-2022-32946, was discovered by app developer Guilherme Rambo, according to Apple Insider.

Single AirPods Pro in case.

The flaw was associated with Mac and iPhone or iPad products and had the opportunity for users to have their audio accessories hacked when using apps associated with audio due to the “app needing microphone access or showing that it was using the microphone,” Apple Insider said.

Related

According to Rambo, he realized something was off when he experienced dips in audio quality while using Siri with AirPods on but not when using the microphone in this macOS device. However, the change in audio quality returned when he was in a video conference.

He tested his suspicions by writing a command-line tool called “bleutil” and discovered that the tool intercepted audio data for Bluetooth Low Energy devices connected to macOS products and also didn’t ask for microphone permission to access the system.

To further test the flaw, he created an app that could record users through Siri without requesting permission. The feature wouldn’t even register on a macOS Control Center, the only thing that would come up is “Siri & Dictation,” Apple Insider said.

The app was compatible with iPhone, iPad, Apple Watch, and Apple TV for iOS 15 and the latest iOS 16 beta at that time in late August.

The developer reported the flaw to Apple on August 26, which allowed the brand to investigate its source and find a fix, which was rolled out on the iOS 16.1 update for iPhones and the latest macOS Ventura update for computers. However, it remains unknown whether any bad actors got access to the flaw while it was still open.

Rambo got a $7,000 bounty from Apple for his efforts.

This isn’t Apple’s first run with Bluetooth issues on its devices. In March, the brand released an update for its macOS Monterey 12.3.1 to address Bluetooth and display issues that have been plaguing Mac owners for several weeks. In particular, the update was sent to fix a power management flaw with Bluetooth headphones.

Editors' Recommendations

Topics
The most innovative tech products of 2022
Most innovative products of 2022
Apple’s VR headset may launch soon, intriguing leak suggests
Apple VR Headset Concept by Antonio De Rosa
All the products that Apple didn’t announce in 2022
Apple CEO Tim Cook looks at a display of brand new redesigned MacBook Air laptop during the WWDC22
Warhammer 40,000: Darktide will bring your PC to its knees (and you’ll love every minute)
A horde rushing at the player in Warhammer 40K Darktide.
How to use the new communities feature in Microsoft Teams
The Microsoft Teams Communities features is now available for Microsoft 365 Personal and Family.
The best gifts for PC gamers
A Pc gamer playing games.
How to delete a page in Word
A person using MS Word.
Google is now supporting my awful browser habits, and I love it
Google Chrome opened on a laptop.
Google just revealed what you found most fascinating in 2022
A Google search page for most popular movie of 2022 is shown falling into a vortex.
Even 15-inch portable monitors come in OLED now
ViewSonic ColorPro VP16 OLED monitor caters to creatives
How to reset graphics drivers in Windows 11
A mini-ITX PC setup with the SSUPD Meshlicious case.
The most common multi-monitor problems and how to fix them
Dell UltraSharp 27 4K PremierColor Monitor
Upcoming MacBook Pro could have a 20-inch folding display
A concept visual of a foldable screen MacBook Folio.