A French software company claims to have cracked the inner workings of Apple’s Siri personal assistant, potentially allowing hacked versions to work on Android.
Applidium said it has been able to fool Siri into transcribing requests made from non-iPhone devices.
“Today, we managed to crack open Siri’s protocol,” the company said in a blog post. “As a result, we are able to use Siri’s recognition engine from any device. That means anyone could now write an Android app that uses the real Siri. Or use Siri on an iPad.”
While it was initially a standalone app, Siri was released with the iPhone 4S and restricted to that handset. According to Applidium, it reverse engineered the protocol used between iPhone 4S handsets and Apple’s servers, and worked out how to use fake SSL certificates to beat Apple’s security.
“We learned a few interesting things about how the iPhone 4S talks to Apple’s servers," the company said. “The iPhone 4S really sends raw audio data. It’s compressed using the Speex audio codec, which makes sense as it’s a codec specifically tailored for VoIP.”
Applidium tested it and returned a perfect match, the company claimed, adding that “this sound sample never went through any iPhone, but nonetheless we got Siri to analyse it for us”.
Applidium has made the tools for building apps based on its discoveries available on its website, but warned that Apple would probably update its security to stop the crack before long.
-1.jpg&w=100&c=1&s=0)
.png&w=100&c=1&s=0)
