Siri hacked by four college freshmen, tons of functionality added

Siri loves to give answers — often snarky — but she doesn't do much outside of create reminders. The voice assistant for iOS is handy, but lacks a lot of curcial control that some have been wanting. Four fast-talking, enterprising freshman at the University of Pennsylvania successfully hacked Siri, creating an exploit that intercepts your queries and redirects them to apps called GoogolPlex.

The spoof is what's called a "man in the middle" exploit, where in the server essentially intercepts messages and gives them another purpose. In the video below, you see the team give Siri the command of "Googolplex, turn off the lights." Siri says she's searching Google for "Plex turn off the lights", but it's quickly redirected to their exploit, where Hue lighting is turned off via Siri.

Orginally created to work with Venmo — an iOs app for making mobile payments to friends — the team quickly learned this cold be used elsewhere, likely with greater success. Though it requires a dedicated command, it seems to work fairly well for those operations it's meant for.

It's not quick, but that's because it's redirecting the user through Safari each time. It's essentially an intermittent step in the process, but sacrificing a few seconds is likely worth it for better (true, really) voice control. It remains to be seen what Apple has up their sleeve for the next iteration of Siri (especially with Cortana on their heels), but four guys at Penn definitely showed what can be done.

Source: The Four Loop

Via: Engadget