SiriSpy – iOS bug allowed apps to eavesdrop on your conversations with Siri (rambo.codes)
551 points by mnem on Oct 26, 2022 | hide | past | favorite | 236 comments



I think they buried the lede here. Conversations with Siri are probably pretty generic but being able to eavesdrop on keyboard dictation is pretty severe. I know people that use dictation for the majority of their text messages and email.


> I know people that use dictation for the majority of their text messages and email.

Yeah, I'm one of them. The iOS keyboard has slowly become so bad that it's easier to dictate instead, and my partner does the same while driving via CarPlay. This is horrible to read about.


I recently saw a conversation somewhere about this, people said turning off swipe-typing made a significant difference in the keyboard experience. Haven't tested it myself as I use swipe, and have no issues. But might be worth a try.


Wow, this makes a huge difference, to the point where I can type without even looking at the keyboard (tried with and without looking).


I moved from a Huawei P10 Plus to a Fairphone 4, and I'm not sure what happened but the typing and autocomplete experience is awful.


Maybe it's the keyboard, Huawei phones usually had SwiftKey as the default keyboard


I saw that too. It definitely helps! But it’s still less accurate somehow even than it used to be afterwards


Huh it appears to be true


Even worse, it looks like on MacOS you can just straight up start recording on-demand, no need for dictation or siri.

> Even worse, this particular exploit would also allow the app to request DoAP audio on-demand, bypassing the need to wait for the user to talk to Siri or use dictation.


And this is why I have the internal microphone disconnected on my macbook pro. The only time a mike is attached is when I'm actively using it, and even then they have hardware kill switches.

Simple kill switches would be nice to see but I doubt Apple would ever implement something like that.


The internal microphone is entirely unrelated to this bug.


It's not this bug that's the reason he has the internal microphone disconnected. It's the presence of such bugs...


[flagged]


> I'm talking about national security level sensitive things, not your little brother's surprise birthday plans...

You added "national security level sensitive things", not the parent. There are thousands of subjects one might not want to be eavesdropped on that are not "national security level sensitive things".

Not to mention "national security level sensitive things" are not that far-fetched either. Not everybody lives a life as uninteresting as you imagine.

What about an activist or a mere vocal critic living in an oppressive regime? Or a politician with enemies in the other party (happens all the time, and judging from Watergate and Hoover, also happens in the US)? Or an investigative journalist talking with his sources for that matter? Or how about a businessman discussing some multi-million dollar deal, or an investor?

Heck, how about a developer with several NDAs, in some major role in a big company, perhaps a FAANG one - like hundreds of people on HN?


I mean, you might be surprised but I'm sure there are more than a few users on HN that discuss digital security configurations of large companies in their day jobs. I've been party to more than one conversation where some company unintentionally opened a security flaw for a short period of time that we discussed over a meeting, that if some evil 3rd party listened to may have given them a window to exploit services.


The probability of someone just happening on that conversation while listening in, at just the right time, to just the right security engineer of the many security engineers in the company, approaches the probability of someone accidentally discovering the security flaw on their own. I think. It's hard to know with probabilities that are vanishingly small.


> just happening on that conversation while listening in, at just the right time,

Not that I'm a nefarious hacker or anything, but if I were to have made an app that snooped this audio stream, I wouldn't stop there. The audio would be uploaded to some virtual server and I'd run some AI transcription against it, then run some combination of NLP search and good ol' regex to forward me any audio file and its transcription that contained words like password, security, vulnerability, login, pin number. Any series of numbers around 16 digits long, a list of all current members of congress and major foreign politicians and diplomats, fortune 500 ceo names...

For like $10/mo, (or even more likely, the cost of hijacking someone else's unsecured wordpress server) there can always be something listening.


Winning lotteries is very small, as in better chance you are struck by lightning multiple times in your life, but it happens.


Credit card numbers, social security numbers, passwords. People say all of these things around loved ones all the time without worrying about hardware being "around." Hardware, shockingly, is always around.

And despite the author's dismissal of the Facebook listening "myth," everyone I know has an uncomfortable advertising eavesdropping anecdote. Maybe we can agree it's more correctly an unsubstantiated claim.


National security is nothing more than the sum total of the individual securities of each citizen.

If your granny cannot trust technology not to have her bank account emptied by criminals, and Bob the local businessman cannot have a conversation free from casual industrial espionage of competitors, then that's national security. We live within nations that prosper as a result of our individual prosperity, and which perform a duty of care to protect those citizens.

The phrase took on grandiose and "special interest" tones during the Cold War and Vietnam era, particularly under Nixon.

But this is 2022, and I urge you to carefully rethink what that phrase means in a connected and increasingly hostile world. Everyone's privacy is a small part of National Security.


I talk about my personal life (including such topics as my marriage and other things) quite often, and I don't want others to be able to record those conversations.


There are all kinds of things I don't want Apple employees to hear, or developers of some random app that runs on iOS or Mac OS.

Little brother can in many ways be far more threatening than big brother.


> hardware you cannot trust?

So... hardware?


> I think they buried the lede here. Conversations with Siri are probably pretty generic but being able to eavesdrop on keyboard dictation is pretty severe. I know people that use dictation for the majority of their text messages and email.

I agree with your take!!

If you scroll to the "Full TCC Bypass on macOS" portion, you can see that this bug allows folks to turn on an Airpod and direct that audio to a macOS device. This could enable what is known as a Tempest Attack[0,1]

> BTLEServerAgent did not have any entitlement checks or TCC prompts in place for its com.apple.BTLEAudioController.xpc service, so any process on the system could connect to it, send requests, and receive audio frames from AirPods. This exploit would only work on macOS, because the more restricted sandbox of iOS prevents apps from accessing most global mach services directly.

Stuff like that is why I hate Bluetooth in general, and I'm on the fence if either my laptop OR phone will be Apple products when I replace them.

(They seem to cater to people who replace their devices every year and camp out outside the Apple store for new Apple stuff like nerds rather than the folks who didn't want to spend every weekend messing with kernel drivers and thus adopted what I will continue to refer to as "shiny BSD" even though they long since changed the name from OSX to macOS.)

-- [0] https://en.wikipedia.org/wiki/Tempest_(codename)#Public_rese... [1] http://m6rqq6kocsyugo2laitup5nn32bwm3lh677chuodjfmggczoafzw[...


How many people use dictation? I'm surprised cause I know virtually no one who uses dictation, myself included.


I use it constantly for brainstorming ideas and thinking out loud. Very rough first drafts of essays, stuff like that.

Basically whenever I just want to get my thoughts out and I'll be the only person reading it, so I don't worry about typos because I can always figure out what I meant.

It's a godsend in terms of speed. I type fast but my brain still goes faster. But I definitely speak faster than I can think.

It only works privately in an office or at home though, obviously. Not helpful on the subway.


My father in law (mid 70s) uses it constantly to compose text messages. I'm not sure I've ever seen him type one.


My partner uses it constantly while driving. It's illegal to use a phone while driving, and we have cameras everywhere that will catch you if you have it in your hand and smack you with a near $500 fine and points on your license. So dictation is extremely common.


To throw in my anecdote: very frequently. I've been using it since I first saw it as an option in 2013. Only on my phone, never on my laptop.


My mother does it because of arthritis. Constantly.


I use it when I want to send a text message that's longer than a few words. As long as I can do that without being a jerk to those around me.


I use dictation a lot, I hate typing on touchscreens and hate voice messages.


Ha ha, worse, I use it so often in Messages that when I leave an actual voice mail I say out loud, “Period” to end a sentence.


Same happened to me most times I tried to use voicies. Question marks, commas, full stops...


Me, all day pretty much.


I don't for multiple reasons, not the least of which is the possibility of an exploit that leaks it. I don't trust software.


If an iOS app did not have "Background App Refresh" permission, could it still have exploited this vulnerability?

Can physical microphones be removed from Apple devices by a repair shop, while still allowing use of wired/wireless headsets?

We need Purism-style hardware kill switches for microphones, cameras and radios.


> Can physical microphones be removed from Apple devices by a repair shop, while still allowing use of wired/wireless headsets?

Yes, this is what I do. The mike is actually still in the laptop but it's disconnected from the motherboard. On a 2021 M1 Macbook pro all you need to do is pop off the back cover and disconnect one cable on the right side of the motherboard. All in all takes about 10 minutes of work.


There actually is a physical microphone disconnect for new Mac laptops (~2019 and later). When the clamshell is closed, the mic’s connection to the MLB is physically severed.

I actually just learned this exists on new iPad models too, with any MFi-compliant case!

I know this isn’t strictly relevant, since the vulnerability discussed here is during active use, just thought you might find it interesting.

https://support.apple.com/en-ca/guide/security/secbbd20b00b/...


My only problem is knowing whether it’s on or off - IIRC the indicator next to the camera is indeed a dumb LED wired right into the camera, but the microphone doesn’t have a hardware indicator.


It's not a physical disconnect. More like firmware disconnect. Purism have a physical kill switch for the microphone in their laptop.


They pretty clearly state the disconnect is “implemented in hardware alone” about three times in the support article, how would that not be a physical implementation?


What are the physically moving parts in the iPad? How is the T2 connected to the laptop lid, where does the contact break? It's pure corporate doublespeak. Especially without schematics, unlike with Purism.


A disconnect doesn't have to move to be implemented in hardware. They describe the implementation in the article linked above:

> In each product with a hardware microphone cutoff, one or more lid sensors detect the physical closure of the lid or case using some physical property (for example, a Hall effect sensor or a hinge angle sensor) of the interaction. For sensors where calibration is necessary, parameters are set during production of the device and the calibration process includes a nonreversible hardware lock out of any subsequent changes to sensitive parameters on the sensor. These sensors emit a direct hardware signal that goes through a simple set of nonreprogrammable hardware logic. This logic provides debounce, hysteresis, and/or a delay of up to 500 ms before disabling the microphone. Depending on the product, this signal can be implemented either by disabling the lines transporting data between the microphone and the System on Chip (SoC) or by disabling one of the input lines to the microphone module that’s allowing it to be active—for example, the clock line or a similar effective control.
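The quoted article describes the cutoff as fixed hardware logic (hysteresis, debounce, a delay of up to 500 ms) sitting between the lid sensor and the microphone's clock or data line. The following Python model is an added illustration of that kind of signal path, not Apple's logic or anything from the article; the angle thresholds, debounce window and sample spacing are assumptions chosen for the example, and only the 500 ms upper bound comes from the quoted text. Running it over a constructed lid-angle trace shows why a single glitched sensor sample does not cut the microphone, and why the cutoff lags lid closure by the debounce window plus the delay.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Assumed parameters for this model (not from the support article).
CLOSE_ANGLE_DEG = 10.0   # at or below this, the raw lid reading is "closed"
OPEN_ANGLE_DEG = 20.0    # at or above this, the raw lid reading is "open"
                         # (the gap between the two is the hysteresis band)
DEBOUNCE_MS = 50         # raw reading must hold this long before it counts
DISABLE_DELAY_MS = 500   # upper bound named in the quoted article


@dataclass
class MicCutoff:
    """State machine standing in for the non-reprogrammable cutoff logic."""
    mic_enabled: bool = True
    lid_closed: bool = False
    _raw: bool = False                       # last debounced-candidate reading
    _raw_since_ms: Optional[int] = None      # when that candidate first appeared
    _closed_since_ms: Optional[int] = None   # when the debounced lid state became closed

    def step(self, t_ms: int, angle_deg: float) -> bool:
        # Hysteresis: only readings outside the band change the raw state;
        # inside the band the previous raw reading is kept.
        if angle_deg <= CLOSE_ANGLE_DEG:
            raw = True
        elif angle_deg >= OPEN_ANGLE_DEG:
            raw = False
        else:
            raw = self._raw

        # Debounce: a new raw reading becomes the lid state only after it has
        # persisted for DEBOUNCE_MS, so a one-sample glitch is ignored.
        if raw != self._raw:
            self._raw = raw
            self._raw_since_ms = t_ms
        if (self._raw != self.lid_closed
                and self._raw_since_ms is not None
                and t_ms - self._raw_since_ms >= DEBOUNCE_MS):
            self.lid_closed = self._raw
            self._closed_since_ms = t_ms if self.lid_closed else None

        # Delay: the mic line is disabled DISABLE_DELAY_MS after debounced
        # closure; reopening the lid re-enables it without a delay (assumption).
        if self.lid_closed:
            if t_ms - self._closed_since_ms >= DISABLE_DELAY_MS:
                self.mic_enabled = False
        else:
            self.mic_enabled = True
        return self.mic_enabled


def run_trace(trace: List[Tuple[int, float]]) -> List[Tuple[int, bool]]:
    """Feed (t_ms, angle_deg) samples through the cutoff; return (t_ms, mic_enabled)."""
    cutoff = MicCutoff()
    return [(t, cutoff.step(t, angle)) for t, angle in trace]


def first_disable_time(trace: List[Tuple[int, float]]) -> Optional[int]:
    """Timestamp of the first sample at which the microphone is cut, or None."""
    for t, enabled in run_trace(trace):
        if not enabled:
            return t
    return None


def build_trace() -> List[Tuple[int, float]]:
    """Constructed sample data: lid open at 90 deg, a single glitched 'closed'
    sample at t=500 ms, a real closure from t=1000 ms, and reopening at t=1800 ms."""
    trace = []
    for t in range(0, 2000, 10):
        if t == 500 or 1000 <= t < 1800:
            trace.append((t, 5.0))
        else:
            trace.append((t, 90.0))
    return trace


if __name__ == "__main__":
    print("mic first disabled at", first_disable_time(build_trace()), "ms")
```

With the assumed 50 ms debounce, the closure that starts at 1000 ms is accepted at 1050 ms and the microphone line is cut at 1550 ms; the glitch at 500 ms never survives the debounce window, so the mic stays live through it, and reopening at 1800 ms restores the mic once the open reading has itself been debounced.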


This is a strange way to reason about electronics. A processor is a “physically moving part.”

Hardware !== clunky obvious tactile contraptions

Anyway, I actually have an answer for you, at least for Apple portable computers — most new Macs come with a sophisticated lid angle sensor used to detect the display angle with high precision. (Previous models used more conventional Hall effect sensors which didn't live up to Apple's standards for a hardware cut off.)

Why is it important to know the precise angle of the display in relation to the top case of the computer? Because you can detect when it's closed with a high degree of confidence!

> How is the T2 connected to the laptop lid, where does the contact breaks?

So, your comment clearly indicates that you have very little experience with Apple products and industrial design and engineering. You also made no effort to look into the matter to see if you could find an answer yourself (it took me 4 mins of googling to connect the new LAS to the mic cutoff when the computer is closed).

So you made a spurious allegation that apple was lying, when pushed on it, you followed up with an even more nonsensical comment that made your lack of hardware experience more obvious.

And after all of that, rather than having the self-awareness to drop the matter, or at very least, do some of your own research, you instead decide to sign off by accusing apple of misleading their users.

Super weird.


It's a good idea, but I can imagine how frustrating it would be if someone called and I didn't have my headset. The EV of avoiding that experience seems slightly higher than the EV of avoiding risk of being eavesdropped on by a wayward smartphone process by disabling the internal mic.


> but I can imagine how frustrating it would be if someone called and I didn't have my headset.

"Sorry, I don't have a headset right now, we'll have to talk later". It's not that "frustrating", really.


“Why aren’t you able to dial in with just your computer?”

“Oh, you know, I’m a bit paranoid about my microphone being hacked so I disconnected the microphone internally. If you give me 10 minutes, I can put it back together real quick”

Not the vibe I personally wanna be giving friends and colleagues.


Some people use headsets to cancel environmental noise, improving the listening experience of friends and colleagues.


If you are too weak to admit this is important to you, just go the "it's broken" route.


Indeed, many audio/video calls are preceded by text communication.


Excellent, thanks for the field report.


> We need Purism-style hardware kill switches for microphones, cameras and radios.

And accelerometers and ...



Note this is Bluetooth only.


Yes, the question is how to permanently restrict the attack surface / time windows for audio and video surveillance attacks.


Instead of Bluetooth defaulting to on, and re-enabling itself next day if you turn it off from the control center, I'd like for Bluetooth to default to off. You'd have to enable it from the control center, and it would disable itself after a certain period of inactivity.

I suppose that won't happen, as it would wreck the Find My network if it depends solely on Bluetooth.


You can create a Shortcut (in the Shortcuts app) that actually turns off Bluetooth completely. Then you can add automation to run your "turn bluetooth off" shortcut multiple times a day. Haven't looked into it but you might be able to create another shortcut that turns Bluetooth on, but then sets a background timer for X minutes after which it'll then turn Bluetooth off again.

Not that elegant of course, but sort of makes it possible.


When you turn off bluetooth from CC, it’s not even turning it off. The radio is still on - it just doesn’t make any new connections. You have to turn it off in preferences for that.


Right. If you want it off, use Settings. Then it stays off.


It's more than find my. Bluetooth just being on is core to the just works experience for airpods, apple watch, and a bunch of other smaller features. And the reasons for turning it off are vanishingly small for the average person.

For security this is probably something that could be brought in to lockdown mode for people who want absolute security over convenience.


That would be a good safety-first default. If Control Center could have buttons linked to iOS Automations for radio state, then advanced users could control this behavior with custom scripts.

> wreck the Find My network if it depends solely on Bluetooth

Find My presumably uses all identifiable radios, including BT, UWB, Wi-Fi.


It's not really a question, hardware switches work and companies refuse to put them in so they can... shrink the profile of devices in ways that rely on rare earth minerals to an unsustainable degree when combined with the typical replacement rate.


Hopefully legislated right-to-repair can open the door to aftermarket mods, including phone body with new switches that can electrically disconnect specific sensors.


Ehhhh... is right to repair the right phrasing?

I worry about requiring switches in the same way one can require a universal standard for power delivery. (The EU did that recently... good move IMO, though I can understand the delay since discussions about amperages and whatnot do take time.[0])

Maybe requiring anyone who wants to contract with the US government to offer such a model, and that said model be available for consumer purchase as well, would be a simple solution.

They sometimes won't let say, Russia, buy the same stuff as say... Canada... but that's usually stuff like night vision goggles. The exact same phone or laptop, just slightly larger with more switches shouldn't have any... I think the word is "export controls"?

Please keep in mind, I am not a lawyer, and I'm very stupid -- I only have a master's degree -- so sometimes the things I say are wrong... please only credit me for the times I'm right. Thx!

I'm off to do more drugs now... have a nice Thursday!!

- Greg from Pennsylvania

[0] https://www.npr.org/2022/10/07/1127543116/eu-mandate-for-a-s...


"Right to Repair" is the terminology that has gained the most legal traction (e.g. some narrowly-scoped legislation) in the US and EU. https://www.repair.org/


>Can physical microphones be removed from Apple devices by a repair shop, while still allowing use of wired/wireless headsets?

There have been reports that the 2020 iPhone SE cannot be used without a microphone:

https://repair.wiki/w/IPhone_SE_(2020)


"iOS bug allowed apps to eavesdrop on your conversations with Siri" should be "iOS bug allowed apps to eavesdrop on your interactions with Siri and dictation over bluetooth"


If you care about privacy, you should disable Siri and Dictation and blacklist guzzoni.apple.com.


Are there actually people using Siri? It's pretty useless here in Italy. Most conversations I guess could be something like "raise the volume", "call mom" or stuff like that.


Yes when I’m cycling. Also for setting reminders and weather forecast


The struck-through:

> and then receive a reply in the form of "here's what I found on the web...

Really made me chuckle. As a non-Apple user who has to put up with Homepods, this rings so very true.


I'm an avid iPhone user but have never had the need or the desire to use Siri.

I suggest people do what I do, load a profile that disables Siri - easily created using the Apple Configurator tool (under "Restrictions" untick "Allow Siri").

N.B. I've never looked closely under Settings on the phone itself, there may well be Siri off option there ? But I just load profiles as I find its easier for hardening.


Confused why you can’t use this to transcribe from any AirPods in your vicinity? I thought anyone could subscribe to a btle gatt attribute.


The BLE peripheral (AirPods) have to be connected and paired. Then, this connected device was “explorable” via other apps on the same device because the actual connection is maintained by the middleware/OS… e.g. an app may disconnect from a peripheral but it’s only a request, and the OS will only truly disconnect if all apps are “disconnected.”


I wouldn't have expected Opus in the AirPods. Unexpected from Apple and a quite interesting workaround for the mode switching.


Opus patent trolls are pleasantly surprised :(


Wonder if it’d also be possible to send commands to Siri, that could also have some implications.


A $7,000 bounty for eavesdropping and TCC (app permissions) vulnerabilities. Insulting.


Not just insulting to the dev, but to users as well. Any app on my Mac being able to eavesdrop at all times when wearing AirPods is "worth" just $7k to Apple?

I'm reminded about the Apple Music passage in the After Steve book, where Apple tried to fuck over musicians just because they thought they could get away with it (zero royalty payments during Apple Music trials, so the trial was 100% subsidized by labels and artists), before walking it back. The executives are clearly far more concerned with bad PR, and not guided by values or principles.


This is why people sell bugs.


It's an example of why people report bugs to vendor bounty programs since you could not sell this bug for $7000.


What makes you think it wasn't sold?

Even if by another party that could have found it before?


Who would you sell it to and what would the buyer do with it? Outline the scenario you have in mind and we can try to sort out how to leverage this specific bug for $7000 worth of some kind of value.


Conceivably, a state actor could use this bug to eavesdrop on an espionage target, no? There is a market for zero-day exploits, where state espionage entities and criminal organizations both pay to learn about the existence of vulnerabilities like this—with prices in the hundreds of thousands to the millions of dollars.

Are you saying that this particular bug would not be worth more than $7000 in one of these markets, or are you questioning the very existence of these markets?


> Conceivably, a state actor could use this bug to eavesdrop on an espionage target, no?

Well, let's try to conceive it. Our state level actor is now in possession of an exploit that lets them eavesdrop on a target when they text-dictate or activate Siri, while wearing particular Apple headphones. After getting the target to install a specific malicious app from the App Store. And to run it. And to give it Bluetooth permission. And to make sure to restart it whenever they reboot their phone or the phone kills it for any reason. The value of this as state-level actor surveillance malware feels a lot closer to $0 than $7000 to me but I'm happy to hear a different conception of how this might work.


You're not wrong from a technical perspective, but typically the purchaser would be a broker that re-sells these types of exploits to a state-level actor, or even to another broker. Said brokers are interested in acquiring exploits that check certain boxes for their gov buyers, and anything that checks the iOS box is always going to be a hot commodity.

Remember, at the end of the day the sale is to the government and they have big pockets and less common sense.


> anything that checks the iOS box is always going to be a hot commodity

Shadowy brokers are buying up impractical exploits by mistake seems like an essentially unfalsifiable claim.


The former.


There are a number of actors who buy bugs like this - you largely don’t hear about them because once they became notorious it gets harder for them to do their jobs.

Google the NSO Group for an example, and that's just private entities. Nation state actors are a whole other market for such things.


NSO creates their own chains, they don’t buy them.


CIA, NSA, FBI, and those are just the US-based agencies.


Zerodium would happily buy this for probably $50k minimum.


Is it legal to sell these exploits? Obviously using it is illegal but I wonder if even selling it to someone else who would use it is illegal.

I would happily pick $7,000 clean money over $50,000 dirty.


Legal where? I would wager the overwhelming majority of bug hunters are not in the US.


It’s legal in most of the world, including the US.


My first thought as well - the author must be doing this stuff as a hobby/for fun, because that's not nearly enough to comp you for the time spent.


Also a $7k bounty 'when I reached out'. The guy actually had to chase it up by the sounds of it.


That's incredibly low. This is a terrifying bug that deserved $70k, at least.


Don't forget that iOS and macOS silently re-enable Bluetooth on every software update. https://lapcatsoftware.com/articles/bluetooth.html


Even worse, Control Panel buttons only "suspend" BT/WiFi, you have to go into Settings to turn them off again ... and again ... and again.


It’s good UX - presumably most users want to turn off WiFi/bluetooth temporarily when using these buttons and this saves you from forgetting to turn it back on. I was delighted when they changed.

I agree it’d be nice to have a choice for how it works on your device, but current behavior would still be a good default.


> and this saves you from forgetting to turn it back on

Apple has since extended this helpful "innovation" to the power button, which no longer turns off iPhones, requiring a faraday bag to block WiFi/BT/UWB radios from communicating while iPhone is "powered off".


Do you mean to say that “slide to power off” leaves Wi-Fi radios active?


https://9to5mac.com/2021/06/07/ios-15-find-my-network-can-fi...

> With iOS 15, your iPhone is still traceable through the Find My network even when the device is powered off. It seems that with iOS 15, the phone is not really fully ‘powered off’, it stays in a low-power state and acts like an AirTag, allowing any nearby iOS device to pick up the Bluetooth signal and send back its location.


Afaik if you care about that, you should be able to fully turn off Find My integration?

The idea does have some benefit though. For example, if you enable “Express Transit” for Apple Pay and your phone runs out of battery, you still will be able to tap-to-pay for a subway / bus ride home. The payment NFC subsystem is also separate and has its own battery reserve.


Apple could better describe the action that will be performed, e.g. "Slide to Suspend".


Try to turn off your iPhone. It says right on the screen it will be broadcasting its location even when it’s off.


> broadcasting.. when it's off.

So, not off then.


Oh my. Thanks.


As a half solution: You can create a Shortcut that turns off BT/Wi-Fi completely. You can then add that Shortcut to your home screen for easy access. That's what I do and it's way nicer than going to Settings, though I wish it was just in Control Center.


Seconding this, I do the same thing. It turns turning everything fully off into one press.


how do you do this?


Go to the Shortcuts app that comes with the phone. You can create shortcuts to do just about anything, in this case you'd make one that sets WiFi to Off and sets Bluetooth to Off. Then that shortcut can be turned into an app icon that you can just press any time.


I called this a data grab from day 1 and stand by that. The amount of fellow iOS developers I've had argue for the "convenience" is astounding. There should be a settings toggle to control the auto-reenable behavior.


> I called this a data grab from day 1 and stand by that

Option 1 is a reasonable explanation based on the behavior that arguably works best for 99% of users.

Option 2 is a “data grab” with no evidence or theories about who is grabbing what data and for what purpose.


> grabbing what data and for what purpose

One possible motive: a billion dollars of AirTag revenue, https://macdailynews.com/2022/06/20/apple-estimated-to-sell-...


AirTags wouldn’t work as well if everyone’s phones weren’t constantly transmitting/receiving, for one thing, and grabbing data on all nearby WiFi SSIDs and beacons helps with location services and probably advertising.


Yeah, this behavior sounds a bit anti-user to me. The action pretty much boils down to,

"Oh, you disabled Bluetooth and left it that way? Well, we know better so we're going to turn it back on without your knowledge or approval. You're welcome."

I don't buy the convenience excuse either otherwise the behavior could be disabled if desired.


You mean it’s anti user when it says in big letters “turn off Bluetooth until tomorrow” when you click on the button in control center?


It's an anti-user and anti-dictionary dark pattern when "turn off" doesn't mean Turn Off, but only stops new connections.


It’s anti dictionary when it actually says the words what it’s about to do when you press the button? How much clearer could it be.


The button no longer Turns Off the Bluetooth radio.

The same button in Control Center previously Turned Off the Bluetooth radio.

The button does not do what it (a) claims to do, (b) previously did.


And my car no longer comes with a cassette player. But it also says “CD Player” on it just in case you try to stick one in.


$7k feels like a paltry sum for this discovery. Rambo is doing yeoman's work.


Seems like $70,000 would have been a more fair bounty. This is a really nasty bug.


> $70,000 would have been more fair

There's really no basis for this beyond its reflexive repetition on messageboards. You might as well type 'million dollar logout CSRF' in every vulnerability report thread.


Here are the listed payouts from the Apple Security Bounty program, starting at $25,000. https://developer.apple.com/security-bounty/payouts/


The closest is:

> $25,000. App access to a small amount of sensitive data normally protected by a TCC prompt.

In this case you get a misleading prompt, the access requires additional interactions. It's a serious bug and I'm all for reporters of serious bugs getting bigger bounties from companies that have more cash than they know what to do with. But simply dropping a random number in every single one of these threads is just noise, not even advocacy or technical discussion.


I think you missed the end of the article where any MacOS app could turn on your AirPods microphone without any permissions at all and at any time at all.


No it can't. It's only during Siri commands and dictation. It's not always-on.

Edit: NEVER MIND, that's correct, sorry. Why the heck does the article put the most dangerous part only at the end, and not include it in the tl;dr or anywhere else at all...??


Wrong, read it again.


I didn't, it's just that 'vulnerability that requires a malicious app on macOS' is a much less interesting one than something like that for iOS.


"Full TCC Bypass on macOS"


Interesting that the page defines "sensitive data" as data "from Contacts, Mail, Messages, Notes, Photos, and real-time or historical precise location data — or similar user data — that would normally be prevented by the system." Notably missing is access to the microphone or camera.


I'm very surprised that Apple did not find this fell under the "or similar user data."

>The top payouts in each category are reserved for high quality reports and are meant to reflect significant effort, and as such are applicable to issues that impact all or most Apple platforms

It seems like the researcher put in significant effort, the demonstration was gold plated, or comparable exploits require far greater amounts of time and work to uncover.

The platform coverage seems broad enough to tick that box.

I would be very interested to read the internal report on how the $7k bounty figure was arrived at.


It is definitely arbitrary but part of me does think that surfacing such a bug is pretty important and if the monetary incentive was higher then we would have more white hat pentesters out there.


Is anyone else an avid iPhone user, yet also someone who never uses Siri? I've used an iPhone exclusively for the past 8 years, and I can count on one hand the number of times I've used Siri. Interestingly, the one person I know who loves using Siri is my 70yr old dad.


Occasionally I ask her (it?) to set a timer or add a reminder, but mostly I don't. Siri is quite slow and frustratingly limited.

The other day in a hurry and driving somewhere, I ended up w/ both Apple Maps and Google Maps open, simultaneously giving me directions.

"Hey Siri, close Google Maps"

"To close an application, swipe up from the bottom of the phone..."

To paraphrase a quote from Steve Jobs, if your voice assistant asks you to touch the screen, you blew it.


Seconded. I get way too many "Im sorry Dave, I just can't do that" moments


I've given up asking her arbitrary questions - the other day I asked what the weather was like in Sydney. (I live in Australia, so the context is really obvious). She told me what the weather was like at "Sidney's tool shed" - wherever that is.

But I use siri daily for things like:

- Setting and stopping alarms and timers: ("Hey siri - set alarm for tomorrow morning at 9:25" / when the alarm goes off: "Hey siri stop")

- Turning on and off my lights. It's a delight every time to say "hey siri goodnight" when I go to bed and see all the lights in the house turn off.


Siri handles this fine on my new phone from the opposite end of the globe. This seems to support my suspicion that they ship increasingly less sophisticated Siris to increasingly older phones. Siri on my 6S Plus before this became almost useless once they switched to on-device processing. It's also much better at identifying objects in photos for searches.


I'm querying siri on a homepod, not a phone. And I just checked - she still answers with a weather report near "Sidney Tools". (It's currently raining and 17 degrees C, if you're wondering.)

I have a running theory that you can tell how long any FAANG bug will stick around by just imagining a 25 year old tech dude in the bay area. If Dave the bay area tech dude will never encounter the bug, you're in for a bad time.

For example, google maps used to give terrible directions at roundabouts (traffic circles). That makes sense because there are no traffic circles in the bay area. All the people who could fix the problem weren't aware there was a problem at all. Dave is terrified of roundabouts, so of course it took about a decade for directions at roundabouts to improve.

A corollary of this is that modern software works well proportionally to how closely your setup matches that of the average bay area tech dude. Everything works best if you have a new phone (preferably an iPhone), fast computer and you speak english. Woe be to you if your computer is old and slow, or you use a right-to-left language, if you're blind or you have a bad internet connection.

Macos feels laggy and slow on a slow internet connection because of course it does. Bay area tech bros are never in that situation! What would Dave know about slow internet?


I run into some things like this in Georgia. I wanted to know when the humidity and temperature were low enough to be safe. It's always nice in that part of California, so Siri has no concept of humidity and temperature. It just throws out a general weather report. The weather app at least has graphs for UV index, humidity, and temperature now. I think it must have come by way of Dark Sky.

This isn't just a SV thing, though. I downloaded a well-regarded weather app from a country in Europe that has pretty consistent humidity. The app didn't even show humidity. People have trouble seeing outside their bubble. SV just happens to have outsized influence, for now.


> To paraphrase a quote from Steve Jobs, if your voice assistant asks you to touch the screen, you blew it.

Gold.


It makes no sense that Siri is so stunted in what she can do.


No kidding! She obviously knew what was wanted, but instead of doing her fing job, she tells you how to do it yourself. She doesn't like when I tell her to F herself. I hope some of those recordings end up with Apple training.


Maybe they're hedging against a vulnerability where a malicious person with a similar enough voice closes some crucial app in a sticky situation. It's not as harmless as setting reminders/alarms, which I use Siri for.


yeah like in that movie when the Bomb Squad is using Pocket Bomb Defuser Pro 2023 and the bomber shouts over the loudspeakers "Siri, Turn off Bomb Defuser Pro" and then everyone was sad.

A moody teenager rips a poster of Jobs off their bedroom wall.


Siri's performance and quality seems to depend a lot on the on-board ML cores since it switched to on-device. It was basically unusable on my 6S Plus with its early ML cores, and now it's great on the 14 Pro Max I replaced it with. It seems like they ship a Siri to match the device capability.


I had the idea that Siri could only recognize "Hey Siri", and after that it would offload the task to Apple's cloud. If it's offline now, it would be great, but I don't see how the ML cores would help. Speech-To-Text is practically solved for most devices, after that you're interacting with a regular chat bot.


They made the change last year.

https://www.theverge.com/2021/6/7/22522993/apple-siri-on-dev...

All I know is what I experienced: it got less reliable with the switch and stopped handling stuff it handled perfectly before, then got better with a newer phone.


I use Siri to set a timer. That's it. And I do it by holding my power button to activate her.

My only other use of Siri usually involved phrases like "stop", "go away", "close", "fucking close!", "you stupid fcking * ** close the **** thing" when Siri would pop up out of nowhere and interrupt whatever I was actually doing. I had it turned off, but occasionally somehow it's back on, listening.

Other actual attempts at using it have been no better than 50% effective, so it wasn't worth the trouble. And I was speaking very clearly and articulately.

I've observed a friend (a Googler who had Google-fied his house) have frequent useless conversations with the Google assistant, so maybe 50% is the best you can hope for. No experience with Alexa, but I'd be too scared to even turn it on; I might end up with three refrigerators delivered the next day.


Same here. Even that simple task (setting a timer) only has about a 75% success rate for me. The other 25% it spins for 30 seconds then says "hmm something went wrong". Trying for anything more complex, even playing a song or album, is just asking for trouble. I honestly can't believe how bad Siri is despite years of development.

I do have an older iPhone 10 and maybe it's just not up to the task of running Siri? But if so they should disable it rather than put on this extremely amateur feeling show.

For what it's worth we have an Echo Dot in the house and I find it to be both orders of magnitude more responsive and more likely to actually do what I asked for. No unwanted refrigerators have arrived as of yet.


I use Type to Siri on my Mac; all I ever use it for is "Play [song]". 70-80% of the time it goes: "something went wrong..."

When I try typing "Play [song] on repeat", it never understands that; it plays it, but not on repeat.

There's zero excuse due to mishearing me, since I'm typing everything. Siri is just defective, and I think it's a great measure of how dysfunctional and poorly-run Apple is. Why are all of Apple's AI and online-service efforts amateur hour?


My only usage of it is as a push-button dictionary/translator, "define x", "how do you say x in Spanish". For every other use I've found it extremely limited, you have to ask the right questions, otherwise it defaults to a web search on my wife's phone, even if she's not in the room.

How, after all these years, is it still so stunted? There are Telegram bots with better interaction.


I almost got excited. "how do you say x in Spanish", what a great use of Siri.

"How do you say Thank You in Dutch?" => "I can't translate into Dutch yet."

Oh come on, there are only half a dozen online translators which can do it.

Some mid-upper level manager in Apple should be ashamed. And every exec above them in the line to the top.


> "How do you say Thank You in Dutch?" => "I can't translate into Dutch yet."

Oh no, that's awful. I mostly translate between Spanish and English, it didn't occur to me that Siri was less capable than Apple's own Translator app, it makes no sense.


I use Siri all the time and am half your dad's age.

“Get directions to the nearest gas station.”, “What’s the score of the Giant’s game?”, “Play Master of Puppets”, “What is 4’3” in centimeters?” And many, many more.


Man, I used to love using Siri, until I had a daughter and named her "Sarah"

big mistake. Turns out I say "Hey Sarah" a hundred times a day, and all my iDevices pipe up and simultaneously say "Yeah?" "WHAT'S UP" "HEY OVER HERE" "Hi it's me Siri what do you need?"


Why did you pick 'Sarah'


“You’re naming your children wrong.” — Jeve Stobs.


Late every night I cry and scream while asking myself this same question, surrounded by my iPhone, Apple Watch, 3 iPads, MacBook Pro, and Mac Studio

How could I have been such a fool!???


Keeping true to your username?

In case you are earnestly somehow unaware, Sarah is among the most popular feminine given names of all time, with Hebrew origin but also popular with Christians, Muslims, nonreligious people in areas influenced by those religions, and in just about every country and culture influenced by any of those. It's hard to even think of a culture which doesn't use the name Sarah in some form; I'm drawing a complete blank; where are you from? Alpha Centauri?


You are not alone. I've been using an iPhone for over a decade now. I've had Siri turned off the entire time. I have never turned it on. I do not now, or ever, want a "voice assistant" or any technology that listens to me and tries to understand what I want by listening to me. I want technology that does exactly what I tell it to do and nothing more.

Siri is a better option than the alternative "voice assistants" on the market, but they're all bad in my book, and I don't want any of them.


I disabled it all the day it came out.

I briefly enabled it so I could text mum to say when I was nearly home. Avoids sneaking a traffic light text. Turns out it was waaaaaaaay more distracting and time consuming to get siri to text a single word, so back into the box it went.


I switched from Android a few years ago because my company gives out iphones as a perk. I used "ok google" extensively, and loved it. It was incredibly good at answering obscure questions and doing things like navigating or playing a song. It would do what I wanted almost every time, even if I was trying a new command for the first time.

I try to use Siri for the same things, but she suuuuuuucks. If I ask her to play a song, 9 out of 10 times it will do something idiotic- like I say "hey siri play tears in heaven on spotify", she might reply "now playing tears in heaven by a shitty kazoo cover band". If I say "navigate to the closest olive garden", it would say "navigating to olive garden corporate headquarters, estimated travel time 43 hours 12 minutes." But never mind, I can see the olive garden I was looking for, it's at the end of the street I'm on.

These are artificial examples because I can't remember specifics right now, but trust me - the real examples were just as dumb.

She's great at setting timers or alarms though! And I can reliably use her to pause, skip, or adjust volume when I'm showering or something.


I use Siri for setting timers and reminders. It's pretty good at parsing numbers. Other than that, it hasn't been very reliable for me. Apple really needs to overhaul Siri's intelligence.


My personal use as someone in his 30s is mostly as a kitchen timer with a HomePod mini (not my phone), to turn on/off lights, and to occasionally toss things onto a to-do list.

My dad on the other hand loves his full size HomePod stereo pair and uses them frequently, almost entirely for playing music with voice commands. I think there are other things he might find it useful for but I haven't shown him those yet.


Yes, I have had iPhones from the beginning and I never use Siri.


I have never enabled Siri on any device. Precisely for fear of this kind of shit, or the ones where humans are listening to the recordings that are obviously being made, and all of the other logical conclusions one can reach on how this can be abused.

Just like HDD failures, it is not a question of if but when.


I have never even set up Siri. Sometimes I've been tempted to enable it so I can say, "Siri, call 911!" if I'm assaulted or injured on the trail. I doubt it would help, but it's occasionally disconcerting when my phone isn't quickly accessible.


In my experiences working on voice OS, it's boom or bust depending on the user. Some people use it rarely if ever and some people live by it, and there's little in between. I think it makes sense in most cases to view voice commands as an accessibility feature.


I just use it in text-mode, i.e. double tap the Siri button, type the thing I want (wake me 7am). Done.


Siri killer apps for me are asking for factoids via my watch, and opening my garage door as I approach while driving (my building uses an app that requires multiple taps + swipes to open the garage door, using Siri makes it palatable.)


Are you using proprietary garage door software? Would love to have any better kind of integration there, so any setup details that aren't crazy specific to some manufacturer would be interesting.


Not the parent, but I use Shelly devices flashed with the shelly-homekit firmware and I can control them with the HomeKit app or Siri.

I haven't bothered yet to add an open/close sensor, so the current open state is lost if I use the remote. I have to invert the actions when this happens. Annoying, but I only need to use it this way occasionally.


My apartment building recently switched to an access control system called Brivo. It replaced a keyfob + garage door opener system with an app. Overall not the greatest as it's now difficult to get into the building if you leave your phone at home.

My "integration" with Siri is to set up an iOS shortcut and use Siri to trigger it.


For sure. I stood in line for the original iPhone, owned every model (except the 5C) up through the 6, then an SE, X, and now an 11 Pro since it came out. I played around with Siri when it debuted, but didn't use it much. I turned it off at some point (I think it was when Apple was catching grief for keeping recordings or something like that) and haven't missed it. I'm not against it especially -- it just never really became part of my life.


My colleagues and I had a moment of fun somewhere in remote Iceland, offroading on the way to a glacier. On an iPhone 3G, we were able to ask trivia questions and get pretty useful responses.

Aside from setting a timer, I've not seen Siri do anything more useful in 9 years. You haven't missed anything.


My trust of what Siri is capable of is laughably low but I do use it for reminders ("Remind me on X day...", "Remind me in X hours...", "Remind me when I get home...") and for timers. Occasionally I'll use it for unit conversions but I usually use Alexa for that since I'm in my kitchen often when I use that and it's just right there. Other than that I don't use it.


I only use it to set timers and it sucks at that half the time, not even going to bother with the faff of doing anything more complex. It's quicker to just do it myself as I'll probably have to unlock the screen anyway.

"Siri, timer, one hour thirty"

"Timers can't be set for a time of day, so I set your Timer alarm for 1:30"

Every damn time. Siri hates Brits.


I only enabled Siri because it was necessary for CarPlay, it's about a 50% success rate on getting anything right on the first try.


I was that way for a long time, but the Apple TV remote got me using it and I now occasionally do use it on my iPhone, mainly while driving to play music or reply to texts. It has definitely come a long way and is useful; one of my friends never types texts anymore and just dictates through Siri.


I use it pretty frequently, mostly to set timers, alarms, or send quick texts without getting up.


I use it for things like 'will it rain today' or sending quick texts when I am driving.


> I know who loves using Siri is my 70yr old dad.

My mother loves using Siri, she always uses it when she wants to look things up. It seems quite useful for people who aren't proficient at typing quickly, easier to ask Siri.


The first day I asked her for the weather, songs and alarms. The second day I Turing tested her, asked it philosophical questions and insulted it the worst way. Yes, that was pretty much it.


Ironically, she will complain if you cuss at her and call her names, but she won't turn herself off. And when she pops up without my request, and I want her to go off, it seems there's no verbal way to make her go away... even verbally abusing her.


I use Siri exclusively to call my SO, because the way the British accent pronounces their contact name is just too funny.


When exercising and listening to a Spotify radio station, I use it to ask who the artist/song is.

That's literally the only thing.


iPhone user since 2009. I used Siri for about a month when it first came out because I really liked hearing a British man's voice say "SSSSHedule" to me instead of "skedule", but then I learned it was sending all audio to the cloud and noped out.


The only reason I even have it enabled is because it is required for voicemail transcription.


I only ever use it in the car with CarPlay.


Sigh … I so much want Apple to get their shit together. To me it feels like software quality reached a new low.


There were some stubborn bad decisions that Steve Jobs stuck to (1 button mouse, windows that don't appear when you cmd-tab to them), but his Apple seemed to have better software. Since him, it really seems to have gone downhill in terms of bugs and UI consistency.


Couldn't agree more. As stupid as it may be, the only reason I haven't moved to Android/GrapheneOS is iMessage.


That's the main reason for most iPhone users I know, and exactly why Apple will stall for as long as possible on RCS compatibility.


Yes I’m sure that Apple’s 95% retention rate is based on iMessage based on the sample size of “people you know”.


I didn't claim that. It's just the main reason for not switching according to my friends. The imessage moat in the US is pretty heavily discussed on here.


If HN were a representative sample of what most users wanted from their phones you would think they wanted to spend half the day compiling the Linux kernel on their phone and the other half bemoaning if only they had the “right to repair” they could put their own headphone jack on their phone and get rid of those pesky AirPods


What are you even getting at? I didn't say it was a representative sample, just that it was discussed on here. It's a real thing.


Still salty about their decision to remove the headphone jack and the industrywide adoption forcing me onto that ngl.


Or you could use a $10 adapter or if rumors are to be believed, next year a standard USB C headphone.


The scary thing is it's the least bad option when it comes to overall reliability.


I think it depends on the phone.

The Google Pixel series seems pretty solid for reliability. I have a Pixel 7 Pro and it's been really good so far in terms of software and build quality. I strongly prefer it to my iPhone 13 Pro, which I'm currently selling off.

But iPhone vs Samsung Galaxy? iPhone wins by a mile. I never got used to the custom interface Samsung loaded onto those phones, and hated that it included Samsung-specific apps that just duplicated those already available by default on stock Android.


Pixels had a defect where emergency calls didn't work with MS Teams installed. Both platforms wither under the lights.


They still have problems with emergency calls.

https://www.androidpolice.com/google-pixel-phones-struggling...


I have an iPhone 13 Pro. I found that Android is almost a brick the moment you lose an Internet connection, whereas the iPhone is still productive and I can do stuff offline and it'll sync everything later no problems.

That is a complete dealbreaker for me for Android. Also, Google.


I mainly use my phone for three things:

1. Pleco

2. Wechat

3. Kindle app

Pleco (a dictionary) and Kindle (an ebook reader) work fine offline. Why wouldn't they?

Wechat, of course, can't do anything offline, because it's communication software. It is not even clear what "use wechat offline" would mean.

Android itself obviously works equally well whether you're connected to the Internet or not. What do you mean by becoming "almost a brick"?


Ooo, that's a big "depends on the situation". Making only phone calls? Sure, iPhones are great. Running LOB apps? Lol, have fun passing that crap through Apple's store. Android's way easier for LOB.

Remote MDM? Lol, nightmare using Apple's gear. Warranty services? Also a nightmare. Fleet level warranty support? Ahahhahhaha, have fun paying folks like IBM out the kazoo. No thanks.

iPhones are rock solid if you played with Fisher-Price toys as a kid and only ever plan to be on the public consumer end of the game, making calls and using apps someone else has decided are ok for you. Go up the line to fleet rollout or bulk purchasing/warranty work or running custom line of business apps. Ahahhahhaha, have fun with Apple. I've done the work when I was with IBM; I refuse to touch it these days.


What are LOB and MDM?


Line of Business, Mobile Device Management.


I don't want stories like this to be the reason I'm glad I switched to Graphene OS. I don't want anyone hacked or spied on.


Pro tip: all systems have bugs.


Not all systems come with easy eavesdropping mechanisms. Especially the ones focused on privacy.


Kinda funny that you have to buy/support hardware from a company but then need to use an open-source nonprofit OS to protect yourself against said hardware producer.


[flagged]


Is that you NSA?


[flagged]


So he should have sold this? He’s always seemed like a good person to me who would do that.

Sit on it knowing others may find it and users are at risk?

Who cares he got paid. That’s not why he did it, he found it while developing one of his apps and reported it. Good for him.

It’s nice Apple paid him. I can understand thinking it should have been more. But what ethical alternative is there to reporting it?


> Find out how much the vuln is worth in the black market, then ask Apple double that.

Well, because he is not a corporation, he will get jumped on by lawyers and will go to jail for blackmailing Apple.


Blackmailing? It's called negotiating from a strong position.


That really depends on how the judge and lawyers will look on it.


So now people that discover exploits should be bullied and threatened by corporations for asking for more money? Heck, I hope Apple does this so that no one will ever want to use them again.


I mean, that's the station where we are heading. The moment you come to a corporation and say: "I have this and this vulnerability, the black market offers me X, I want 2X from you," the corporation will then subpoena you to get the knowledge from you and then cease and desist you to prevent you from spreading that knowledge further.

You will try to threaten that you will release it to black market if they won't pay you 2X? Yeah, that's blackmailing. So what else can you do? Either you will start blackmailing them (then I hope you know what you are doing) or you will outright sell it on black market and bypass communication to company altogether.


I would hope you wouldn't threaten that and just ask for more money. If your end goal is to do that, then hopefully you'll be security conscious enough to do so and say... hm, have no idea how that got there. Me personally... I'd release it to the public and watch as the corporation suffers until the next one where they'll be glad to pay more.


Or the words used in the negotiation.

"I feel the work done to discover this bug is worth $X"

vs

"You'll give me $X or I release it into the wild or sell it on the black market"


Yeah, let's be realistic. It will be either take the meager offer or we will subpoena it from you for free. Don't like it? Sucks to be you.


Oops, I was trying to install a used HDD and wanted to make sure it was clean with the forensic 7x write option, but I chose the wrong device from the CLI and wiped out the data you're too cheap to pay for


This bug and Pegasus are very different in salability. As is this is likely worth very little on the black market.


The right amount for a security bounty is the sum of all assets covered by that vulnerability minus $1.

This is the only way companies will take the right processes to protect those assets.


The impact and difficulty of exploit are pivotal parts of assessing the risk of a vulnerability. It doesn’t really matter how many dollars of things are involved if the exploit can’t be exploited or if it’s not a big deal if anyone does.


[flagged]


first sentence:

"and audio from the iOS keyboard dictation feature"


And who is using that? Half of characters are misspelled, second half misunderstood. Nobody has time to argue with a phone.


Android it works pretty much perfectly and you can speak at normal speed.

With Android it pretty much works perfectly and you can speak at normal speed. <== Same sentence dictated at full speed.


Yeah not for me. Android, nor Siri, nor Alexa.


Accent? This is me speaking through a mask at normal speed. The quick brown fox jumped over the lazy dog - that was spoken really fast.

Obviously depends on what you're speaking because sentences like the previous one are pretty easy to predict.


It'll suck if you ever lose function to type with your fingers.



